Binance Trust Wallet iOS App Vulnerability Listed on NIST, CEO Pushes Back Against Misinformation

Trust Wallet’s CEO Eowyn Chen responded to allegations about a vulnerability affecting the iOS app on February 15, reassuring users of the wallet’s ongoing security. This came after claims emerged on February 8 of an alleged iOS vulnerability, published to the National Institute of Standards and Technology’s (NIST) vulnerability database.

Vulnerability Claims and Trust Wallet’s Response


The February 8 security notice claims that an unwarranted party “exploited” the vulnerability in July 2023, “leading to economic losses.”

“An attacker can systematically generate mnemonics for each timestamp within an applicable timeframe, and link them to specific wallet addresses in order to steal funds from those wallets,” the notice read.

Despite the investigation appearing public on NIST’s website, Trust Wallet posted to their X account that users of the iOS app have not been affected by the vulnerability since July 2018.

Hey Trust Wallet fam,

We’d like to address some articles that have recently been published by some prominent Crypto media outlets, regarding the security of Trust Wallet.

For clarity on two main points: users assets are #SAFU and we are NOT being investigated by the US…

— Trust Wallet (@TrustWallet) February 15, 2024

“In 2018, besides fixing the code, our founder informed all affected users (Yes we were small enough to know all users at that time) and offered a migration path,” the post explained.

“Besides fixing the code itself, Trust Wallet’s founder took swift and proactive steps to inform all impacted users and provided them with a secure migration path, ensuring no user was left vulnerable,” a blog post on the company’s website reads. “The identified vulnerable wallet addresses in the Trust Wallet database are also found to not have balances anymore.”

“For clarity on two main points: users assets are #SAFU and we are NOT being investigated by the US government,” the post stated.

Are Trust Wallet Users Safe?


Media dissemination of the NIST notice comes after Trust Wallet experienced a number of headline-grabbing events in the last year.

In one February 2023 instance, a Trust Wallet user took to X to post that he was the victim of a scheme that cost him $4 million. Trust Wallet later tweeted to confirm that the user was the target of a complicated social engineering scheme devised by an organized crime unit in Rome, Italy, while assuring users that their apps were safe to use.

“Trust Wallet mobile apps and extension are security audited and pen-tested by our internal security team as well as external 3rd party security auditors too,” the company posted to X at the time. “Rest assured if you use Trust Wallet your assets are safe but it is important to remain vigilant.”

Trust Wallet CEO Asserts “Strategic Partnership” With Binance


Binance originally acquired the self-custody wallet in July 2018 through cash, BNB tokens, and the company’s stock. The crypto exchange then launched its own Web3 wallet in November 2023, causing a major decline in the Trust Wallet’s native token, TWT.

Trust Wallet CEO Eowyn Chen posted on X Thursday to clarify that despite reports, Trust Wallet is “separate from Binance” but is “in a strategic partnership.”

At the time of publication, Trust Wallet and Binance were not immediately available regarding cryptonews.com’s request for comment.

The post Binance Trust Wallet iOS App Vulnerability Listed on NIST, CEO Pushes Back Against Misinformation appeared first on Cryptonews.