US cyber authorities are investigating a possible security vulnerability in the Binance Trust Wallet iOS app. This vulnerability allows attackers to steal money by guessing security words known as mnemonics. Trust Wallet’s native token TWT first reacted to the news with a decline. However, the token recovered without a sharp decline.
NIST examines Binance-linked Trust Wallet
An agency affiliated with the United States Department of Commerce is analyzing the “Binance Trust Wallet application” for a vulnerability that could allow an attacker to steal funds from crypto wallets. According to the National Institute of Standards and Technology (NIST), which is tasked with promoting U.S. innovation and industrial competitiveness, a specific version of the Trust Wallet application “abuses the trezor-crypto library” to generate mnemonic words that can only be verified at the entropy source. Following this news, the price of Trust Wallet’s native token TWT decreased from $ 1.23 to $ 1,198.
An entropy source is a physical location where data is generated. NIST announced that attackers exploited a similar vulnerability in July 2023. He also stated that this led to economic losses. The statement also said, “An attacker can systematically create reminders for every timestamp within a valid time period. “It is also possible to link them to specific wallet addresses in order to steal funds from these wallets.” said. NIST shared the information with the public on February 8. It is currently awaiting analysis to determine the real-world scope of the vulnerability.
Binance spokesperson: Trust Wallet operates independently!
According to CVE, a program supported by the US Department of Homeland Security, Secbit Labs began investigating the Trust Wallet app for iOS after numerous ETH wallets were hacked. Researchers tracked down an old wallet creation vulnerability in the 2018 iOS platform version of Trust Wallet. He also linked it to grand thefts on July 12, 2023. A Binance spokesperson stated that Trust Wallet is no longer part of the Binance group. It also clarified that it is a separate legal entity that operates independently of Binance.com.
NIST will give a score based on the severity of the vulnerability
An independent investigation by Milk Sad found at least 6,572 unique wallet reminders at risk of loss of funds. The investigation found that the Trust Wallet app for iOS used open-source code to create new cryptocurrency wallets using insecure functions in the “trezor-crypto library” that were not intended for production. After confirming the existence of weak wallets, he claimed that they were involved in the Milk Sad thefts. Upon completion of the investigation, NIST will assign a base score ranging from 0-10. These scores will depend on the vulnerability and severity of the application.
To be informed about the latest developments, follow us twitter‘in, Facebookin and InstagramFollow on and Telegram And YouTube Join our channel!