Crypto Wallet provider Trust Wallet has reported a security vulnerability that led to the loss of $170,000 of user funds. According to a thread from their official Twitter handle, Trust Wallet states that an anonymous security researcher reported the security risk back in November 2022 through the company’s bug bounty program.
Based on this security report, Trust Wallet was informed of a WebAssembly vulnerability in their open-source library Wallet Core. Although the security risk has now been neutralized, Trust Wallet reports it did lead to two exploits that resulted in customers losing about $170,000.
According to the statement by the wallet service provider, all new wallet addresses created by browser extension between November 14 to November 23, 2022, are the main hosts of this vulnerability, with wallets created outside that timeline to be considered safe.
Users who also experienced any abnormal fund movement in late December 2022, and late March 2023, may be considered victims of the security vulnerability.
However, Trust Wallet assures everyone that users of its mobile app or users who only imported wallet addresses into the browser extension were totally protected from this breach. Meanwhile, the wallet service company has urged owners of all remaining vulnerable addresses (500) to move their assets – valued at nearly $88,000, to new wallet addresses.
Trust Wallet To Reimburse All Affected Users
While informing the public of this security vulnerability, Trust Wallet provided some reprieve for the affected customers. According to their statement, the company has created a reimbursement plan aimed at paying off all victims of the exploits.
However, customers will be required to pass the claim form verification process of ownership, among other things, in order to qualify for this program. Trust Wallet already stated they have a full list of all affected customers, all of which have received a personal notification from the company.
In addition, they also stated that this security issue has little to no association with the 5,000 ETH wallet drain, which occurred some days ago. In all, Trust Wallet maintains that asset security remains their number one priority as they remain committed to improving their services.
Crypto Heists Still Rampant In 2023
Crypto heists are a known plague of the crypto industry, and they do not seem to be slowing down in 2023. Since the start of the year, over 20 projects have suffered one attack or the other leading to the loss of investors’ funds.
The most notable heist in 2023 remains the theft of about $200 million from DeFi protocol Euler Finance back in March. Although the hacker did return $90 million some days later, there is a clear need for higher security standards in the industry to combat this pandemic effectively.