1. PixelPlaygroundHome
  2. Metaverse Insights

Trust Wallet Users Beware: Why Your Wallet Could Be At Risk

Metaverse Insights 99 views

On April 22nd, the founder of Slow Fog, Yu Xian, quoted Trust Wallet\’s announcement on social media stating that if users use the Trust Wallet browser extension and create a wallet

Trust Wallet Users Beware: Why Your Wallet Could Be At Risk

On April 22nd, the founder of Slow Fog, Yu Xian, quoted Trust Wallet’s announcement on social media stating that if users use the Trust Wallet browser extension and create a wallet between November 14-23, 2022, the wallet will be at risk. The fundamental reason is that the MT19937 pseudo-random number generator used by the TrustWallet browser extension at that time did not provide sufficient randomness, resulting in the private key being cracked.

Founder of Slow Fog: There are risks in using TrustWallet browser extensions to create wallets from November 14-23 last year

If you’re using Trust Wallet’s browser extension, you may want to think twice. Recent reports claim that users who created their wallet between November 14-23, 2022 using the Trust Wallet browser extension could be at risk of having their wallet breached. The root cause of the issue appears to be the MT19937 pseudo-random number generator, which did not provide sufficient randomness at that time, resulting in a compromised private key. Here’s what you need to know.

What is Trust Wallet?

To understand the issue, it’s important to understand what Trust Wallet is. It’s a mobile cryptocurrency wallet that holds multiple coins and tokens. It’s popular amongst crypto traders due to its easy-to-use interface and high level of security, including private key encryption. However, they also offer a browser extension to facilitate transactions that has recently been called into question.

What is the MT19937 Pseudo-random Number Generator?

The MT19937 pseudo-random number generator is a popular algorithm used to generate random numbers. It’s fast and efficient, making it a popular choice for many applications, including cryptography. However, it’s not without its flaws. It’s been found that if an attacker knows some of the outputs of the algorithm, they can predict future outputs with a high degree of accuracy. This has led to multiple attacks on systems that use this algorithm in the past.

How Was the Trust Wallet Breach Discovered?

The issue was discovered by Slow Fog, a Chinese cybersecurity firm. They found that the MT19937 algorithm used in Trust Wallet’s browser extension during that fateful window did not provide sufficient randomness, leaving users’ private keys vulnerable.

What Can You Do to Protect Yourself?

If you’re a Trust Wallet user, there are a few things you can do to protect yourself. First, check whether you created your wallet during the at-risk period (November 14-23, 2022). If you did, it’s recommended that you move your funds to a new wallet. Additionally, if you haven’t updated to the latest version of Trust Wallet, now’s the time to do so. The team behind Trust Wallet has already patched the issue, so users who have updated to the latest version are no longer at risk.

Conclusion

The MT19937 algorithm used by Trust Wallet’s browser extension was flawed, leaving users who created their wallets between November 14-23, 2022, at risk of having their private keys cracked. Slow Fog, a Chinese cybersecurity firm, discovered the vulnerability, but Trust Wallet has since patched the issue. To protect yourself, ensure you are using the latest version of Trust Wallet and move funds from wallets created during the at-risk period.

FAQs

Q: Does this mean Trust Wallet is no longer safe to use?
A: No. Only wallets created between November 14-23, 2022 using Trust Wallet’s browser extension were at risk. The vulnerability has since been patched, so those using the latest version are no longer at risk.
Q: What other wallets are affected by the MT19937 vulnerability?
A: It’s difficult to say, but any wallet or system that relies on this algorithm could potentially be vulnerable.
Q: Is it safe to use Trust Wallet on mobile?
A: Yes. The issue only affects Trust Wallet’s browser extension, not the mobile wallet itself.

This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/18053/

It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.

Like (0)
Previous 04/22/2023 09:30
Next 04/22/2023 09:51

Recommended articles