Trust Wallet Launches Claims Portal After $7M Chrome Extension Hack

In the wake of a significant security incident involving Trust Wallet’s Chrome extension, which resulted in estimated losses of over $7 million, the platform has introduced a dedicated claims portal for affected users. This development marks a proactive step by Trust Wallet to address the breach, reassure users, and facilitate the recovery of stolen assets. Here, we delve into the details of the breach, its implications, and how the new claims process aims to restore trust in the cryptocurrency wallet provider.

Overview of the Trust Wallet Chrome Extension Breach

The incident began with the discovery of malicious code embedded within Trust Wallet’s Chrome browser extension, specifically starting from version 2.68, released on December 24. This exploit was linked to a leaked Chrome Web Store API key, which allowed attackers to upload a compromised version of the extension. The malicious update contained code designed to extract seed phrases from users, thereby granting attackers unwarranted access to wallets holding various cryptocurrencies such as BTC, ETH, BNB, and SOL.

Blockchain security firm PeckShield confirmed that over $4 million of the stolen funds had already been moved through centralized exchanges like ChangeNOW, FixedFloat, and KuCoin. At the time of detection, approximately $2.8 million remained in wallets controlled by the attacker, indicating ongoing attempts to liquidate or further exploit the assets.

Impact and Response

The breach prompted Trust Wallet, which is owned by Binance, to act swiftly. The platform issued a public statement acknowledging the incident and the origin of the vulnerability. Binance CEO CZ (Changpeng Zhao) assured users that all verified losses would be compensated, emphasizing that user funds remain secure in the mobile app, which was unaffected by the breach.

Furthermore, Trust Wallet promptly released an updated version (2.69) on December 25 to remove the malicious code embedded in the compromised extension. On-chain investigations, including alerts issued by security researchers like ZachXBT, heightened the urgency to contain and mitigate the damage.

Launch of the Trust Wallet Hack Claims Portal

Purpose and Functionality

Recognizing the need for transparency and user support, Trust Wallet has launched an official claims portal. This platform allows affected users to submit claims for reimbursement, detailing their wallet addresses, attacker transaction receiving addresses, transaction hashes, and country of residence. The platform emphasizes the importance of accurate information for verification purposes.

Each claim will undergo a manual review process, ensuring that only legitimate cases are approved. The platform’s primary goal is to prioritize security and accuracy during reimbursements, reaffirming Trust Wallet’s commitment to user protection.

Claims Verification Process

• Submission through the official portal with required details: wallet address, attacker address, transaction hash, and country.
• Manual screening of each claim by Trust Wallet’s support team.
• Case-by-case assessment to determine eligibility for reimbursement.
• Prioritization of security and integrity during the process.

By establishing this claims portal, Trust Wallet aims to demonstrate accountability and bolster user confidence in its security protocols, especially after recent vulnerabilities exposed weaknesses in their software distribution practices.

Details of the Breach and Its Origins

Leaked API Keys and Malicious Updates

Internal findings revealed that a leaked Chrome Web Store API key was exploited to publish the malicious extension, bypassing normal release controls. The security firm SlowMist confirmed that the injected code harvested wallet recovery phrases using a modified analytics library embedded within the extension. This allowed attackers to clandestinely access seed phrases, which are critical to wallet security.

It is notable that the breach was confined to the Chrome extension, and the mobile app remained unaffected. Trust Wallet clarified that the compromised update did not impact its mobile users, emphasizing the importance of multi-platform security measures.

Timeline of Events

• Dec. 24: Malicious version 2.68 of the Chrome extension released.
• Shortly after: Users reported wallet drains following the update installation.
• Dec. 25: Trust Wallet released version 2.69 to remove malicious code.
• Dec. 25: On-chain investigator ZachXBT issued alerts, publicizing the breach.
• Post-incident: Launch of the official claims portal for affected users.

Security Measures and Future Outlook

The Trust Wallet breach has underscored the vulnerabilities inherent in browser-based wallets and distribution channels relying on public app stores. Moving forward, Trust Wallet and similar platforms are likely to re-evaluate their security protocols, including safeguarding API keys, conducting rigorous code audits, and enhancing threat detection mechanisms.

Binance’s pledge to cover verified losses reassures users, but it also highlights the importance of decentralizing wallet access and encouraging users to employ hardware wallets or mobile apps with robust security features.

Frequently Asked Questions

What caused the Trust Wallet Chrome extension hack?

The breach was caused by a leaked Chrome Web Store API key, which enabled attackers to publish a malicious version of the extension containing code to harvest seed phrases.

Is the Trust Wallet mobile app affected by this breach?

No, internal assessments confirmed that the mobile app remained unaffected, and only the Chrome extension was compromised.

How can I submit a claim for stolen assets?

Affected users can visit the official support portal and provide required information such as wallet address, attacker address, transaction hash, and country.

Will Trust Wallet reimburse all losses?

Binance CEO CZ assured that all verified losses would be covered. Each claim is subject to manual review to ensure legitimacy.

What steps is Trust Wallet taking to prevent future breaches?

The platform is enhancing security measures, including safeguarding API keys, improving code review processes, and reinforcing distribution controls to minimize similar vulnerabilities.

Conclusion

The launch of the Trust Wallet Hack Claims Portal represents a crucial step in addressing the repercussions of the recent Chrome extension breach. While the incident exposed vulnerabilities in browser-based wallets, Trust Wallet’s transparent approach to compensation and security improvements aims to restore user confidence. As the cryptocurrency industry continues to evolve, heightened focus on secure software distribution and proactive incident management remains essential to safeguarding digital assets.