Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Trust Wallet released an analysis report saying: "In November 2022, a vulnerability was discovered in the back-end module WebAssembly (WASM) at the core of the open source repository wallet. The vulnerability affected new wallets generated by browser extension versions 0.0.172 and 0.0.182, and only the private keys of a limited number of new wallets created in these versions were affected. Despite our best efforts, two breaches occurred, resulting in a combined loss of approximately $170,000 at the time of the attack. " Attack method (per SlowMist): Wallet Vulnerability. Reported loss: $ 170,000.
- chain
- —
- protocol
- Trust Wallet
- bug_class
- private-key
- date_occurred
- 2022-11-17
- loss_usd
- $170,000
- source_id
- sm:trust-wallet::2022-11-17