Share this article
U.S. Cyber Authorities Investigate 'Binance Trust Wallet' iOS App for Vulnerabilities
The wallet has been the victim of multiple cyber attacks during 2023.
Updated Mar 9, 2024, 2:15 a.m. Published Feb 15, 2024, 10:16 a.m.
- U.S. cyber authorities are investigating a possible vulnerability in the Binance Trust Wallet iOS app.
- The vulnerability would allow attackers to steal money by guessing security words known as mnemonics.
A potential vulnerability for the iOS version of "Binance Trust Wallet" has been listed by the National Institute of Standards and Technology (NIST), a U.S. agency that sets best practices and standards for technology and cyber security.
The vulnerability was added to the CVE database, which lists serious issues that could have, or have already, caused material damage or losses, on Feb. 8. It is being investigated by NIST to determine the real-world severity of the vulnerability.
STORY CONTINUES BELOW
The flaw has already been exploited in the wild, according to the database entry. In July 2023, it allowed attackers to guess security words and steal money from digital wallets because of the way it used the trezor-crypto library.
"An attacker can systematically generate mnemonics for each timestamp within an applicable timeframe, and link them to specific wallet addresses in order to steal funds from those wallets," NIST wrote in its update.
Trust Wallet suffered multiple cyber incidents in 2023, generating over $4 million in losses. The wallet was acquired by Binance in 2018. Binance has since released its own Web3 wallet.
"Trust Wallet is now a separate legal entity that is not part of the Binance group and operates independently from Binance.com," a Binance spokesperson said in an email.
Trust Wallet's X (formerly Twitter) profile has not posted about the vulnerability.
UPDATE (Feb. 15, 10:54 UTC): Adds Binance statement in penultimate paragraph.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Solana’s Drift Launches v3, With 10x Faster Trades
With v3, the team says that about 85% of market orders will fill in under half a second, and liquidity will deepen enough to bring slippage on larger trades down to around 0.02%.
What to know:
- Drift, one of the largest perpetuals trading platforms on Solana, has launched Drift v3, a major upgrade meant to make on-chain trading feel as fast and smooth as using a centralized exchange.
- The new version will deliver 10-times faster trade execution thanks to a rebuilt backend, marking the largest performance jump the project has made so far.
Top Stories
