On January 29, Trust Wallet disclosed the security hole that allowed users to abuse its customer service platform. The attackers briefly gained access to the file containing the names and email addresses used on support tickets, despite the fact that no user cash were lost and no private keys were taken from users’ third-party wallets.
A proper reaction might then be implemented if the vulnerability was found during a routine security examination. Trust Wallet has classified the attack as a phishing scam because it only confirms unlawful access to the exterior cover; no acknowledgement has been made of any penetration into the interior contents of support tickets.
Given the recent victims of Coingecko and De.Fi, as well as the added hardware Trezor wallet, this exploit demonstrates how crypto-phishing has become popular.
In this situation, users should exercise caution at all times and stay away from dubious emails or links on specific social media platforms that may appear to be authentic cryptocurrency services.