Trust Wallet, a popular crypto wallet, has announced that it has fixed a WebAssembly (WASM) vulnerability that impacted wallet addresses on Ethereum and other blockchains generated between November 14 and November 23, 2022.
The vulnerability was present in the wallet’s core software library, which employed the WASM format to facilitate the user creation of their crypto wallets within the browser extension.
The Binance-backed wallet project stated in the post that it had addressed the problem, but two exploits were detected, resulting in an estimated loss of about $170,000.
Trust Wallet emphasized that the vulnerability did not impact users who exclusively utilized the Trust Wallet mobile app, imported wallets into the browser extension using seed phrases from other wallet applications, or created new wallet addresses via the extension before or after the affected period.
To address the issue, Trust Wallet has bolstered the security of its wallet product by conducting more frequent security audits and engaging external auditors to assess their security measures.
The project has also committed to providing a secure wallet application for its users. Furthermore, it has announced that it will issue refunds and has created a reimbursement system to support affected users.
Trust Wallet has clarified that the issue was not connected to a recent security incident flagged by MyCrypto founder Taylor Monahan, in which she claimed that over 5,000 ETH ($10 million) had been mysteriously stolen from multiple user wallets.