Trust Wallet has announced the discovery and resolution of a major vulnerability in its core wallet software library that could have resulted in an estimated loss of around $170,000.
The vulnerability impacted wallet addresses on Ethereum and other blockchains generated through the Trust Wallet browser extension between November 14 and November 23, 2022.
The issue was caused by a vulnerability in WebAssembly, a computer code format that enables developers to use multiple programming languages to build web applications, including those used in crypto wallets.
Trust Wallet’s core software library employed WASM format to facilitate the user creation of their crypto wallets within the browser extension.
Trust Wallet has stated that the vulnerability did not affect users who exclusively used the mobile app or imported wallets into the browser extension using seed phrases from other wallet applications.
Trust Wallet has also created a reimbursement system for affected users and stated that it would issue refunds. The team further clarified that the issue was not related to a recent security incident flagged by MyCrypto founder Taylor Monahan.
Trust Wallet has strengthened the security of its wallet product and reiterated its commitment to providing a secure wallet application for its users.