Share this article
U.S. Cyber Authorities Investigate 'Binance Trust Wallet' iOS App for Vulnerabilities
The wallet has been the victim of multiple cyber attacks during 2023.
Updated Mar 9, 2024, 2:15 a.m. Published Feb 15, 2024, 10:16 a.m.
Make us preferred on Google
- U.S. cyber authorities are investigating a possible vulnerability in the Binance Trust Wallet iOS app.
- The vulnerability would allow attackers to steal money by guessing security words known as mnemonics.
A potential vulnerability for the iOS version of "Binance Trust Wallet" has been listed by the National Institute of Standards and Technology (NIST), a U.S. agency that sets best practices and standards for technology and cyber security.
The vulnerability was added to the CVE database, which lists serious issues that could have, or have already, caused material damage or losses, on Feb. 8. It is being investigated by NIST to determine the real-world severity of the vulnerability.
STORY CONTINUES BELOW
The flaw has already been exploited in the wild, according to the database entry. In July 2023, it allowed attackers to guess security words and steal money from digital wallets because of the way it used the trezor-crypto library.
"An attacker can systematically generate mnemonics for each timestamp within an applicable timeframe, and link them to specific wallet addresses in order to steal funds from those wallets," NIST wrote in its update.
Trust Wallet suffered multiple cyber incidents in 2023, generating over $4 million in losses. The wallet was acquired by Binance in 2018. Binance has since released its own Web3 wallet.
"Trust Wallet is now a separate legal entity that is not part of the Binance group and operates independently from Binance.com," a Binance spokesperson said in an email.
Trust Wallet's X (formerly Twitter) profile has not posted about the vulnerability.
UPDATE (Feb. 15, 10:54 UTC): Adds Binance statement in penultimate paragraph.
More For You
Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.
What to know:
Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.
The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.
More For You
Bitcoin's Quantum threat is ‘real but distant,’ says Wall Street analyst as doomsday debate rages on
Wall Street broker Benchmark argued the crypto network has ample time to evolve as quantum risks shift from theory to risk management.
What to know:
- Broker Benchmark said Bitcoin’s main vulnerability lies in exposed public keys, not the protocol itself.
- Coinbase’s new Quantum Advisory Council marks a shift from theoretical concern to institutional response.
- Bitcoin’s architecture is conservative but adaptable, according to Benchmark analyst Mark Palmer, with a long runway for upgrades.
Top Stories
