Key takeaways
- Value of loss: Around 7 million dollars in crypto assets was drained from compromised wallets.
- Root cause: Malicious code was added to version 2.68 of the Trust Wallet Chrome extension.
- Attack vector: Encrypted mnemonic phrases were captured when the wallet was unlocked and decrypted later.
- Discovery: First reported on December 25 following an increase in drained wallet addresses.
- Response: Trust Wallet reported the breach and advised users to stop using the affected extension.
An attack on a Chrome browser extension has caused cryptocurrency losses estimated at 7 million dollars and has raised fresh concerns about the security of browser-based wallets. The attack, which occurred in the run-up to Christmas, compromised users who had installed the tampered version of the extension, allowing the attackers to access encrypted recovery phrases and steal money from various wallets.
An independent blockchain investigator was the first to notice the breach on December 25, after observing an unusual spike in wallet-draining transactions. A well-known blockchain security company later traced the problem to version 2.68 of the Trust Wallet Chrome extension. According to its findings, malicious code had been inserted into this version, which enabled the attackers to decrypt encrypted mnemonic phrases on wallet unlock events.
Trust Wallet later confirmed the incident on social media, stating that it had identified the affected version of the extension and had already acted on the incident. The company also asked users not to use the affected extension and to secure their funds at once.
What went wrong
According to investigators, the malicious code took advantage of the moment when users unlocked their wallets. In the process, the users' password-protected encrypted mnemonic phrases were extracted. Once the attackers had the encrypted data and the related password or passkey, they could decrypt the mnemonic phrases and take complete control of the wallets.
Browser extensions have long been viewed as a softer target than hardware wallets or offline storage, and this incident has reinforced those fears.
What experts say
Cybersecurity analysts caution that web-based crypto wallets are susceptible because they are in constant contact with the web. According to analysts, encryption secures stored information, but as soon as decryption begins, when the user enters a password, the data can be compromised if malicious code has been installed. Security researchers are also increasingly recommending hardware wallets or cold storage, particularly for large holdings by serious investors.
Frequently Asked Questions
Users who installed and used version 2.68 of the Chrome extension during the period of the attack are the most vulnerable.
According to the disclosed information, the issue is confined to the Chrome browser extension and does not affect the mobile apps.
When a wallet was unlocked, the attackers would capture encrypted mnemonic phrases and then decrypt them with the help of the user's password or passkey.
Users should stop using the affected extension, transfer funds into a new wallet with a new recovery phrase, and scan all related devices for malware.
They are very convenient and less risky. Specialists suggest hardware wallets or cold storage for long-term and high-value deposits.
Trust Wallet has said it would work with affected users, although information regarding compensation or reimbursement has yet to be fully disclosed.
Risk can be significantly reduced by regularly updating wallets, checking the sources of extensions, keeping browser wallets to a minimum, and using hardware wallets.
The Trust Wallet breach is another wake-up call: as more people adopt crypto, hackers have more incentive to attack. The message to users is that convenience should be balanced with caution, particularly where recovery phrases and private keys are concerned.
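To check whether the affected version 2.68 is present on a machine, the following added example (not code from Trust Wallet or from the original article) scans a Chrome profile's Extensions folder, which Chrome lays out as <extension id>/<version>_0/manifest.json. The "trust wallet" name match, the treatment of any 2.68.x build as affected, and the function names are assumptions.

```python
import json
import sys
from pathlib import Path

AFFECTED = (2, 68)          # version named in the article
NAME_HINT = "trust wallet"  # assumption: the display name contains this text

def display_name(ext_dir, manifest):
    """Resolve the manifest name, following a __MSG_key__ locale reference."""
    name = str(manifest.get("name", ""))
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[6:-2].lower()
        locale = str(manifest.get("default_locale", "en"))
        path = ext_dir / "_locales" / locale / "messages.json"
        try:
            msgs = json.loads(path.read_text(encoding="utf-8-sig"))
            for k, v in msgs.items():
                if k.lower() == key:  # message keys are case-insensitive
                    return str(v.get("message", name))
        except (OSError, ValueError, AttributeError):
            pass  # missing or malformed locale file: keep the raw name
    return name

def is_affected(version):
    """True for 2.68 and 2.68.x (assumption); False for 2.680 or 12.68."""
    try:
        return tuple(int(p) for p in version.split(".")[:2]) == AFFECTED
    except ValueError:
        return False

def find_affected(extensions_root):
    """Return (extension_id, version, name) for every matching install."""
    hits = []
    for manifest_path in sorted(Path(extensions_root).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
            name = display_name(manifest_path.parent, manifest)
            version = str(manifest.get("version", ""))
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or corrupt manifest: skip it
        if NAME_HINT in name.lower() and is_affected(version):
            hits.append((manifest_path.parts[-3], version, name))
    return hits

if __name__ == "__main__":
    for hit in find_affected(sys.argv[1]):
        print("AFFECTED:", *hit)
```

Pass the profile's Extensions folder as the argument, for example ~/.config/google-chrome/Default/Extensions on Linux. A hit means the recovery phrase should be treated as exposed and the steps above (new wallet, new phrase) followed.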
A digital marketer with excellent knowledge and skill in off-page, on-page and local SEO, competent in a challenging environment. Hard-working, energetic, and a quick learner for any task delegated. Enthusiastic to learn and constantly upgrade knowledge. Mohit brings over 2 years of experience in crafting content that not only ranks well but also provides valuable insights to readers.

