Trust Wallet has recently announced that it has resolved a vulnerability that could have jeopardized users’ funds. Although the popular crypto wallet team took a few days to fix the issue, it has been several months since the vulnerability was discovered, and Trust Wallet d...
Although the popular crypto wallet team took a few days to fix the issue, it has been several months since the vulnerability was discovered, and Trust Wallet did not disclose the matter publicly.
The wallet advises impacted users to transfer their funds to a new wallet address to safeguard them.
According to a blog post from Trust Wallet, affected users must transfer their funds to new, unaffected wallet addresses to safeguard themselves from the vulnerability.
The wallet project claims to have done everything in its power to alert users and help them reduce the risk of possible attacks.
The vulnerability was initially identified by a security researcher in the wallet’s open-source library, which put private keys at risk.
A small number of users have been affected, and the wallet team has promised to compensate them. Trust Wallet also took to Twitter to make this announcement.
Once the vulnerability was fixed and new wallets were no longer at risk, the team had to decide whether to publicly disclose the vulnerability, according to Decrypt.
Their primary concern was to minimize potential losses for users and maintain the sole ownership of their assets. For this reason, they chose to communicate with users privately, using multiple rounds of push notifications and in-app warnings every minute. The messages included clear instructions on how users could transfer their assets to a secure location.
Trust Wallet was careful to protect users’ privacy and did not share any personally identifiable information with the exchange.
The Trust Wallet team expressed gratitude to Binance’s security team for their assistance in triaging the issue, conducting risk assessments, and communicating with the security researcher.
Instead, Trust Wallet provided affected users with more time to secure their funds before issuing a public warning.