Trust Wallet Moves into Verification Phase After $7 Million Browser Extension Hack
Trust Wallet has entered a verification phase following a Christmas Day exploit involving its browser extension, which resulted in a significant loss of funds. The company has identified 2,596 wallet addresses tied to the compromised extension, but it has received almost 5,000 reimbursement claims, suggesting a substantial number of false or duplicate submissions.
According to Trust Wallet CEO Eowyn Chen, the company is prioritizing accuracy over speed in verifying claims to ensure that funds are returned to the rightful owners. Chen stated that the team is working diligently to verify claims by combining multiple data points to distinguish legitimate victims from malicious actors.
Source: Eowyn Chen
False Claims Follow $7 Million Browser Extension Hack
Trust Wallet disclosed on Friday that its browser extension had been compromised in a targeted attack affecting desktop users, resulting in $7 million in losses. Binance co-founder Changpeng Zhao, whose exchange owns Trust Wallet, announced that the losses would be fully covered.
Cybersecurity firm SlowMist reported that the malicious extension also exported users’ personal information, raising concerns about potential insider involvement. SlowMist co-founder Yu Xiam noted that the attacker appeared to have prepared the exploit weeks in advance and showed deep familiarity with the source code.
Onchain investigator ZachXBT previously estimated that hundreds were affected, while some industry observers argued that the attacker’s ability to submit a malicious extension update suggested access beyond a typical external hack.
While Trust Wallet confirmed the hack, the company has yet to confirm whether there were any insiders involved. Chen said the team is currently conducting a broader forensic investigation of the attack, which is ongoing and being carried out alongside the broader forensic investigation.
Investigation and Response
Chen stated that the process is ongoing and that the company already has strong working hypotheses for a portion of the cases. The investigation aims to determine the extent of the attack and identify those responsible.
For more information on the Trust Wallet hack and the ongoing investigation, readers can visit the official source.
Smart Tip for Readers
To protect yourself from similar browser extension hacks, it’s essential to regularly review and update your extensions, and only install those from trusted sources. Additionally, consider using a reputable wallet provider that prioritizes security and has a proven track record of protecting user funds.
