ChainCatcher reports that Trust Wallet has released an update regarding a security vulnerability in its browser extension version 2.68. The incident affects users of version 2.68 who opened and logged in through the Trust Wallet browser extension between December 24th and 26th. If users receive push notifications through the Trust Wallet mobile application or see a security incident banner on the Trust Wallet browser extension, they may still be using the compromised wallet.
It has been confirmed that 2,520 wallet addresses were affected by this incident and funds were stolen by the attackers, with a total of approximately $8.5 million in assets affected. These assets are linked to 17 wallet addresses controlled by the attackers.
Trust Wallet has decided to proactively compensate affected users and is refining its compensation process and ownership verification procedures. It has also begun communicating with victims who have been in contact with the company over the past few days. Affected users are encouraged to submit an application through the official support form.
