Trust Wallet Confirms Vulnerability in Chrome Extension Version 2.68
TLDR
- Trust Wallet’s Chrome extension version 2.68 caused unauthorized withdrawals.
- Over $6 million drained from affected wallets after the incident.
- Trust Wallet urges users to disable and upgrade to version 2.69.
- The vulnerability does not affect Trust Wallet’s mobile app or other extensions.
Trust Wallet, a popular cryptocurrency wallet, has confirmed a security incident affecting its Chrome browser extension. The vulnerability was discovered in version 2.68 of the extension and led to unauthorized withdrawals from affected users’ wallets. The breach occurred around Christmas, with reports of stolen funds emerging on December 25. According to on-chain analyst ZachXBT, over $6 million had been drained from wallets by the time the incident was publicly reported.
Trust Wallet immediately responded to the situation, confirming that only the version 2.68 of the Chrome extension was impacted. Users of this version were urged to disable the extension and upgrade to the latest version, 2.69. The company emphasized that other versions, including the mobile application and different browser extensions, were unaffected by the exploit.
Trust Wallet Investigates Root Cause of the Exploit
As of now, Trust Wallet has not confirmed the exact cause of the exploit. The company stated that it is investigating the situation and will share updates as soon as they are available. Trust Wallet acknowledged the seriousness of the incident and assured users that efforts were underway to identify the technical root cause.
The breach was first identified by ZachXBT, who detailed the unauthorized withdrawals following an update to the extension. He highlighted that many users had reported suspicious activity in their wallets after the update was applied on December 24. Trust Wallet confirmed that once the vulnerability was identified, steps were immediately taken to prevent further damage.
Affected Users and Immediate Actions
Users who were affected by the exploit have reported significant losses. At the time of initial reports, the total amount drained from wallets had exceeded $6 million. The exploit seems to have targeted specific versions of the Chrome extension, with version 2.68 being the only one impacted.
Trust Wallet acted quickly by confirming the vulnerability and advising users to take preventive measures. The company provided clear instructions to disable the compromised extension and upgrade to version 2.69 to secure their funds. Additionally, Trust Wallet reassured users that their mobile app and other browser extensions had not been impacted.
The incident serves as a reminder of the importance of regularly updating security software and ensuring that all extensions are running the latest versions. Trust Wallet’s response has been focused on limiting further risk while the investigation continues.
The Future of Trust Wallet and Extension Security
While Trust Wallet’s mobile application remains unaffected, the extension vulnerability has raised questions about the security of browser-based wallets. This incident also highlights the need for constant vigilance regarding potential exploits in widely used software. Trust Wallet has stated that it will continue to monitor the situation and provide updates as the investigation progresses.
Users are urged to stay informed through official communication channels from Trust Wallet to avoid further incidents. The company has promised to enhance its security protocols to prevent similar issues in the future.
The post Trust Wallet Confirms Vulnerability in Chrome Extension Version 2.68 appeared first on CoinCentral.
You May Also Like
Why 100 Percent Test Coverage is Not Possible — Lessons from Testing Banking and Healthcare Systems
US eyes crypto mining at disputed nuclear plant in Russia-Ukraine conflict: report
