A U.S. federal agency is investigating a security vulnerability in Binance-owned Trust Wallet that could potentially lead to financial losses.
The National Institute of Standards and Technology (NIST), a unit of the U.S. Department of Commerce, is currently probing Binance-owned Trust Wallet over a potential security vulnerability.
Trust Wallet Faces Potential Security Breach
According to a recent report, the security flaw is associated with a version of Trust Wallet that has misused a feature dubbed the “trezor-crypto library.”
Following the misuse of the trezor-crypto library, the U.S. agency said the flaw could help attackers generate mnemonic words that can be used to steal users’ funds from their Trust Wallets.
Explaining in detail, NIST pointed out that an attacker can leverage the flaw to create mnemonic words within a specific timeframe systematically. Afterward, these mnemonic words can be linked to a particular address to access and steal its crypto holdings.
NIST indicated that a similar security flaw was previously exploited in July 2023, causing huge losses to investors. In the meantime, NIST has commenced an investigation to ascertain the real-world effect of the vulnerability.
Additionally, the agency included the Trust Wallet flaw in a database established for documenting all security issues that are capable of causing financial losses.
Prior Security Breaches
Launched in November 2017, Trust Wallet has encountered a series of security incidents leading to the loss of users’ funds.
Despite Binance acquiring the wallet in 2018, the crypto storage provider has continued to encounter several security breaches. In a series of tweets last year, Trust Wallet confirmed that one of its users was hacked to the tune of $4 million.
According to Trust Wallet, the funds were stolen by an Italian-based criminal organization through a social engineering attack. Popular gaming project Webaverse- the victim of the hack- explained that the attackers stole the funds by merely snapping the wallet’s balance without gaining access to its seed phrases and passwords. The incident raised concerns regarding the safety of Trust Wallet.
Disclaimer: This content is informational and should not be considered financial advice. The views expressed in this article may include the author's personal opinions and do not reflect The Crypto Basic’s opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.
-Advertisement-
