Trust Wallet, a crypto wallet, has reported a security vulnerability in its browser extension that resulted in losses of approximately $170,000 for some users. The vulnerability affected wallet addresses created between November 14 and 23, 2022, and was discovered through the company’s bug bounty program when a security researcher reported a WebAssembly vulnerability in the open-source library Wallet Core. Trust Wallet has since patched the issue and advised affected users to transfer their remaining funds to a new wallet. The company will reimburse eligible losses and cover the costs of fund transfers for affected users.
In order to ensure security, it is highly recommended that developers who utilized the Wallet Core library in 2022 upgrade to the most recent version, as there are still around 500 addresses that are vulnerable and have an aggregate balance of $88,000. The breach resulted in two exploits, which affected users will be notified of through the Trust Wallet browser extension.
