Trust Wallet Confirms Security Flaw in Browser Extension v2.68
According to Trust Wallet, version 2.68 of its browser extension was maliciously altered before release, causing multi-million-dollar losses and prompting a swift rollback and victim compensation program.
Summary
Trust Wallet issued an official statement revealing that its browser extension v2.68 was uploaded to the Chrome store without internal review and contained malicious code, enabling unauthorized transactions and data theft. This breach impacted 2,520 wallet addresses and resulted in losses of approximately $8.5 million. The company has rolled back the extension to version 2.69 and initiated a compensation program for victims.
Terms & Concepts
- Browser Extension Vulnerability: A security flaw in a browser-based application that can be exploited by attackers to access user data or funds.
- Trust Wallet: A multi-currency cryptocurrency wallet that allows users to store, send, and receive digital assets securely.
- Supply-Chain Attack: A cyberattack targeting vulnerabilities in third-party services or development processes to compromise end users through trusted channels.