PANews reported on December 26th that, according to analysis by security researchers @im23pds and @0xakinator, malicious code (file 4482.js) was suspected to have been injected into Trust Wallet browser extension version 2.68. This code masqueraded as an analytics tool to steal users' mnemonic phrases. When a user imported their wallet, the code sent the mnemonic phrase to a newly registered phishing domain, metrics-trustwallet[.]com. This domain is currently inaccessible.
Analysis: Trust Wallet extended wallet suspected of being attacked by supply chain malware that stole mnemonic phrases.
Share to:
Author: PA一线
This content is for informational purposes only and does not constitute investment advice.
Follow PANews official accounts, navigate bull and bear markets together
Recommended Reading
