Trust Wallet Browser Extension Flaw Lets Attackers Steal Funds Without User Interaction
- С сайта: Vulnerability cybersecuritynews.com
- Вернуться к списку новостей
Trust Wallet Browser Extension Flaw Lets Attackers Steal Funds Without User Interaction
Author: Tushar Subhra DuttaTrust Wallet made a significant announcement on November 14th, 2022, unveiling its newly launched browser extension for wide usage.
The browser extension grants direct access to digital assets on multiple blockchains, a highly anticipated complement to the existing iOS and Android apps in Trust Wallet’s ecosystem.
However, recently, security analysts at Ledger Donjon found a major vulnerability in this browser extension. The newly discovered flaw enables asset theft from any wallet created with it, and for this, no user interaction is needed.
Vulnerability Overview Moreover, Trust Wallet depends on the Trust Wallet Core; it’s a versatile library for blockchain wallets, which is now targeting Wasm since April 2022.
Trust Wallet Core is mostly portable, but some modules are target-specific, notably secure random generation for cryptographic material like:-
- Private keys
- HD wallet mnemonics
- For iOS, SecRandomCopyBytes is used.
- For Android, the entropy is provided by an instance of java.security.SecureRandom.
The critical vulnerability arises due to using Mersenne Twister PRNG in wallet-core for Wasm, which is unfit for cryptography, and the single 32-bit seed input in mt19937.
The 32-bit seed in Wasm wallet-core allows just 2^32 (4 billion) mnemonics, generated quickly in a single computer within a couple of hours.
Here below we have mentioned all the abilities that it grants to the attackers:-
- Compute all the seeds
- Compute all the private keys
- Compute all the addresses of every cryptocurrency
- Scan the related blockchains
- Extract all the used addresses
- Compute the intersection
- Acquire Trust Wallet for Wasm addresses, then exploit and drain their funds.
#Cyber_Security_News #Vulnerability #cyber_security #vulnerability
Оригинальная версия на сайте: