{"id":77693,"date":"2023-04-23T14:55:02","date_gmt":"2023-04-23T11:55:02","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=77693"},"modified":"2025-09-11T00:46:21","modified_gmt":"2025-09-10T21:46:21","slug":"trust-wallet-team-fixes-vulnerability-in-the-wallets-core-codebase","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/trust-wallet-team-fixes-vulnerability-in-the-wallets-core-codebase\/","title":{"rendered":"Trust Wallet team fixes vulnerability in the wallet\u2019s core codebase"},"content":{"rendered":"<p>The Trust Wallet developers have fixed a vulnerability in the core software library of the non-custodial wallet. The issue affected addresses created via the browser extension between 14 and 23 November 2022.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">1\/10 Trust Wallet is built on security &#038; trust. So we\u2019re sharing a vulnerability affecting new addresses created Nov 14-23,22 using the Browser Extension.<\/p>\n<p>The issue is fixed. Most at-risk funds are secured. Affected users should take actions outlined:<br \/>\u27a1\ufe0f<a href=\"https:\/\/t.co\/X9AEfqWW87\">https:\/\/t.co\/X9AEfqWW87<\/a><\/p>\n<p>\u2014 Trust Wallet (@TrustWallet) <a href=\"https:\/\/twitter.com\/TrustWallet\/status\/1649699428733947906?ref_src=twsrc%5Etfw\">April 22, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u00abThe issue has been resolved. Most at-risk funds are secured\u00bb, the statement said.<\/p>\n<\/blockquote>\n<p>The company stressed that the vulnerability did not affect users who relied solely on the mobile Trust Wallet app or who had imported wallets from services run by other providers.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u00abThe latest versions of the Trust Wallet mobile app and the browser extension remain safe and reliable to use\u00bb, the developers wrote.<\/p>\n<\/blockquote>\n<p>According to <a href=\"https:\/\/community.trustwallet.com\/t\/wasm-vulnerability-incident-update-and-recommended-actions\/750786\">the record<\/a> in the community blog, the vulnerability was linked to the WebAssembly backend module. WebAssembly is a binary format that enables multiple programming languages to be used to build applications. In Trust Wallet it is used to simplify wallet generation via the browser extension.<\/p>\n<p>The team stressed that the vulnerability was not linked to wallet exploits that were <a href=\"https:\/\/u1f987.com\/en\/news\/unknown-metamask-error-costs-users-more-than-10-million\">described by<\/a> MetaMask founder Taylor Monahan on April 18.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">For the past 48hrs I\u2019ve been unwinding a massive wallet draining operation ??<\/p>\n<p>I don\u2019t know how big it is but since Dec 2022 it\u2019s drained 5000+ ETH and ??? in tokens \/ NFTs \/ coins across 11+ chains.<\/p>\n<p>Its rekt my friends &#038; OGs who are reasonably secure.<\/p>\n<p>No one knows how. <a href=\"https:\/\/t.co\/MafntG7RkP\">pic.twitter.com\/MafntG7RkP<\/a><\/p>\n<p>\u2014 Tay ? (@tayvano_) <a href=\"https:\/\/twitter.com\/tayvano_\/status\/1648187031468781568?ref_src=twsrc%5Etfw\">April 18, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to the developers, they also found two relevant exploits totaling $170,000. On the affected addresses, assets worth about $88,000 remain. Their owners were advised to withdraw the tokens.<\/p>\n<p>Trust Wallet said it would reimburse affected users for their lost funds.<\/p>\n<p>In April, Ethermint protocol developers from the Cosmos ecosystem said <a href=\"https:\/\/u1f987.com\/en\/news\/ethermint-fixes-a-vulnerability-that-could-have-cost-tens-of-millions-of-dollars\">had fixed a vulnerability worth tens of millions of dollars<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Trust Wallet developers fixed a vulnerability in the core software library of the non-custodial wallet. The issue affected addresses created via the browser extension between 14 and 23 November 2022.<\/p>\n","protected":false},"author":1,"featured_media":77694,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,776,57],"class_list":["post-77693","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-trust-wallet","tag-wallets"],"aioseo_notices":[],"amp_enabled":true,"views":"24","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/77693","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=77693"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/77693\/revisions"}],"predecessor-version":[{"id":77695,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/77693\/revisions\/77695"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/77694"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=77693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=77693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=77693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}