Trust Wallet said it has moved into a verification phase after a Christmas Day exploit involving its browser extension, after finding thousands of affected wallets but receiving far more reimbursement claims than expected.
On Monday, Trust Wallet CEO Eowyn Chen said the company had identified 2,596 affected wallet addresses tied to the compromised extension. However, it received nearly 5,000 claims, suggesting a significant amount may be false or duplicate submissions.
“Because of this, accurate verification of wallet ownership is critical to ensure funds are returned to the right people,” Chen wrote. “Our team is working diligently to verify claims; combining multiple data points to distinguish legitimate victims from malicious actors.”
The update marks a shift in the response from estimating losses to managing the operational challenge of compensating users without exposing the process to abuse. Chen said the company is prioritizing accuracy over speed and plans to share additional details as the investigation continues.
False claims follow $7 million browser extension hack
Trust Wallet previously disclosed on Dec. 26 that its browser extension had been compromised in a targeted attack affecting desktop users. This resulted in roughly $7 million in losses, which will be fully covered according to Binance co-founder Changpeng Zhao, whose exchange owns Trust Wallet.
Cybersecurity firm SlowMist reported that the malicious extension also exported users' personal information,...
The False Claims Act (FCA), a 162-year-old statute originally designed to combat fraud by defense contractors during the American Civil War. The Department of Justice has launched an expansive inv...