Trust Wallet has moved into a verification phase after a Christmas Day exploit involving its browser extension; while thousands of wallets have been identified, the company has received far more reimbursement claims than expected.
On Monday, Trust Wallet CEO Eowyn Chen said the company had identified 2,596 wallet addresses tied to the compromised extension. Still, it has received almost 5,000 claims, suggesting a significant amount may be false or duplicate submissions.
“Because of this, accurate verification of wallet ownership is critical to ensure funds are returned to the right people,” Chen wrote. “Our team is working diligently to verify claims; combining multiple data points to distinguish legitimate victims from malicious actors.”
The update marks a shift in the response from estimating losses to managing the operational challenge of compensating users without exposing the process to abuse. Chen said the company is prioritizing accuracy over speed and plans to share additional details as the investigation continues.
False claims follow $7 million browser extension hack
Trust Wallet disclosed on Friday that its browser extension had been compromised in a targeted attack affecting desktop users. This resulted in $7 million in losses, which will be fully covered, according to Binance co-founder Changpeng Zhao, whose exchange owns Trust Wallet.
Cybersecurity firm SlowMist reported that the malicious extension also exported users’ personal information, raising concerns about potential insider involvement.
SlowMist co-founder Yu Xiam said the attacker appeared to have prepared the exploit weeks in advance and showed deep familiarity with the source code.
Onchain investigator ZachXBT previously estimated that hundreds were affected, while some industry observers argued that the attacker’s ability to submit a malicious extension update suggested access beyond a typical external hack.
Related: Ubisoft halts Rainbow Six Siege after hackers give each player $13.3M credits
While Trust Wallet confirmed the hack, the company has yet to confirm whether there were any insiders involved. Chen said the team is currently conducting a broader forensic investigation of the attack.
“This process is ongoing today and is being carried out alongside the broader forensic investigation,” Chen wrote. “While some data is still being finalised, we already have strong working hypotheses for a portion of the cases.”
Magazine: Koreans ‘pump’ alts after Upbit hack, China BTC mining surge: Asia Express
