$170,000 Loss Resulting from Trust Wallet Vulnerability

Trust Wallet has disclosed a vulnerability in its browser extension that led to the loss of around $170,000. The issue, affecting wallets generated between 14-23 November 2022, was reported by an unnamed security researcher through the Trust Wallet bug bounty program last year. While the company delayed its disclosure in order to reduce potential breaches, the vulnerability was exploited twice. Trust Wallet said new wallets created via the extension before 14 November or after 23 November are not affected, nor are its mobile app users or those who imported wallets into the extension. The firm has created a reimbursement system for affected users and is warning those with vulnerable addresses containing $88,000 to withdraw funds immediately.