Last week, a Trust Wallet user suffered a sudden drain of his funds, as detailed in a recent report shared with BeInCrypto. When he contacted his wallet provider to find out what had happened, they informed him that he had suffered a private key leak.
Eve Lam, Chief Information Security Officer at Trust Wallet, said in an interview with BeInCrypto that most fraudulent cryptocurrency withdrawals stem from user issues. Hacken's Head of Compliance, Dmytro Yasmanovych, shared this perspective and provided guidance on the steps users should take if they suspect their cryptocurrency wallets are at risk.
An overnight loss
Last week, Chilean crypto user Matthias fell asleep without a worry in the world. By the time he woke up, everything had changed. According to details shared with BeInCrypto, when Matthias opened his Trust Wallet, he saw that his funds had been withdrawn from his account.
Nothing like this had happened to him in five years of using his mobile wallet. Matthias soon found out that at 8 a.m. a small amount of crypto had been deposited in his account. Shortly afterwards, his account was emptied.
Matthias did not know how this could have happened. After contacting the Trust Wallet security team for an explanation, he learned that the problem stemmed from an inadvertent act.
“Based on internal data and incident response investigations, the majority of unauthorized withdrawals go back to user issues,” Lam told BeInCrypto.
She explained the many ways users can mistakenly share sensitive information with malicious actors.
The reality of user vulnerabilities
Analysis of Trust Wallet’s internal data and incident response investigations shows that user issues cause most fraudulent cryptocurrency withdrawals.
These often include leaked or compromised seed phrases, frequently the result of social engineering tactics or insecure storage, and malicious smart contract approvals granted by users.
Device-level compromises and other incidents, such as SIM swap attacks and theft of unlocked devices, also contribute to these unauthorized withdrawals.
“In all these cases, the Trust Wallet app itself has not been compromised. The problem stems from the external environment being used or the actions taken before the installation,” Lam elaborated.
These exploitation methods are among the most common attack techniques for stealing cryptocurrency from mobile wallets.
User Errors vs Wallet Hacks: Where do most losses occur?
Although Hacken lacks specific internal data on evolving trends in mobile wallet attacks, Yasmanovych explained to BeInCrypto that fund losses enabled by user actions are becoming increasingly apparent in cybersecurity investigations.
“What we see in research and tools illustrates a much broader problem. Most of the major losses in cryptography today are not about mobile malware, but about failures in signer workflow, interface security, and access control,” Yasmanovych outlined.
The signer workflow is the process of approving cryptocurrency transactions with a private key. If that key is compromised, an attacker can sign transactions directly and without authorization. Meanwhile, flawed user interfaces (UI) in crypto wallets and dApps can mislead users into harmful transactions. The attack methods include address poisoning, in which attackers create similar-looking addresses to intercept funds.
Attackers also deploy spoofed or malicious dApps designed to steal credentials and to obtain signatures on harmful transactions. Additionally, UI redressing uses deceptive overlays that trick users into performing unintended actions.
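A defensive check for the look-alike-address technique described above, as an added example that is not from the article, Trust Wallet or Hacken. It assumes 0x-prefixed 20-byte hex addresses; the function names, the four-character comparison window, the dust threshold and every address are constructed for illustration.

```python
# Added example (not from the article): flag look-alike addresses.
# Every address here is a constructed sample value, not a real account.

def normalize(addr):
    """Lower-case a 0x-prefixed 20-byte hex address and validate its shape."""
    a = addr.strip().lower()
    if not a.startswith("0x") or len(a) != 42:
        raise ValueError("not a 20-byte hex address: %r" % addr)
    int(a[2:], 16)  # raises ValueError on non-hex characters
    return a

def lookalike_of(candidate, trusted, edge=4):
    """Return the trusted address that `candidate` imitates, or None.

    Wallet screens often shorten an address to its first and last few
    characters, so a different address with the same `edge` leading and
    trailing hex digits looks identical at a glance.
    """
    c = normalize(candidate)
    for t in map(normalize, trusted):
        if c != t and c[2:2 + edge] == t[2:2 + edge] and c[-edge:] == t[-edge:]:
            return t
    return None

def review_history(transfers, trusted, dust_threshold=0.01):
    """List (sender, imitated) pairs for small deposits from look-alikes."""
    findings = []
    for tx in transfers:
        imitated = lookalike_of(tx["from"], trusted)
        if imitated is not None and tx["amount"] <= dust_threshold:
            findings.append((tx["from"], imitated))
    return findings

TRUSTED = ["0x1a2b" + "c3d4" * 8 + "93a4"]   # address the user really pays
LOOKALIKE = "0x1a2b" + "0f" * 16 + "93a4"    # same first and last 4 digits
UNRELATED = "0x" + "9e" * 20
HISTORY = [                                   # constructed incoming transfers
    {"from": LOOKALIKE, "amount": 0.0001},
    {"from": UNRELATED, "amount": 0.005},
    {"from": TRUSTED[0], "amount": 0.001},
]

if __name__ == "__main__":
    for sender, imitated in review_history(HISTORY, TRUSTED):
        print("do not copy", sender, "- it imitates", imitated)
```

The same comparison can be run on a pasted destination address before sending, so that the full address is checked against the address book and not only its visible ends.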
In many cases, users unknowingly approve malicious smart contracts.
“That’s an important point. Especially if a user interacts with a Web3 app using other wallets or browsers, there may be a malicious approval before Trust Wallet is installed,” Lam warned.
When such a scenario occurs, it is extremely difficult to recover the funds.
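What such an approval looks like at the transaction level, as an added example that is not from the article or from Trust Wallet. It goes beyond the text by assuming the standard ERC-20 `approve` and ERC-721 `setApprovalForAll` calls, which the article does not name; the spender address, the `known_spenders` allowlist and the `encode` helper are constructed for illustration.

```python
# Added example (not from the article): inspect approval calldata offline.
APPROVE = "095ea7b3"               # selector of approve(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # selector of setApprovalForAll(address,bool)
MAX_UINT256 = 2**256 - 1

def describe_approval(calldata, known_spenders=()):
    """Decode an approval call; return None for any other call.

    `known_spenders` is a hypothetical allowlist kept by the user.
    """
    data = calldata.lower()
    if data.startswith("0x"):
        data = data[2:]
    selector, args = data[:8], data[8:]
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL):
        return None
    if len(args) != 128:
        raise ValueError("expected two 32-byte ABI words after the selector")
    spender = "0x" + args[24:64]   # address = low 20 bytes of word 1
    value = int(args[64:], 16)     # amount, or bool for operator approvals
    risks = []
    if selector == APPROVE and value == MAX_UINT256:
        risks.append("unlimited allowance")
    if selector == SET_APPROVAL_FOR_ALL and value != 0:
        risks.append("operator access to every token in the collection")
    if spender not in {s.lower() for s in known_spenders}:
        risks.append("spender not on the allowlist")
    revokes = value == 0           # approve(x, 0) or (x, false) revokes
    return {"spender": spender, "value": value,
            "risks": [] if revokes else risks}

def encode(selector, spender, value):
    """Build sample calldata (helper for the constructed inputs below)."""
    return "0x" + selector + spender[2:].rjust(64, "0") + format(value, "064x")

SPENDER = "0x" + "ab" * 20         # constructed address
UNLIMITED = encode(APPROVE, SPENDER, MAX_UINT256)
BOUNDED = encode(APPROVE, SPENDER, 5 * 10**18)
REVOKE = encode(APPROVE, SPENDER, 0)
OPERATOR = encode(SET_APPROVAL_FOR_ALL, SPENDER, 1)
TRANSFER = encode("a9059cbb", SPENDER, 1)  # transfer(address,uint256)

if __name__ == "__main__":
    print(describe_approval(UNLIMITED))
```

An approval stays in force until it is revoked on-chain, whichever wallet app is later used with the same key, which is why a grant made before installation still matters.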
Challenges for fund recovery
Given its status as a non-custodial wallet, Trust Wallet cannot reverse crypto transactions after fraud. Nevertheless, it assists users by performing on-chain analysis to track stolen funds. It also provides detailed incident reports to law enforcement agencies and, in some cases, collaborates with forensic companies.
Despite these efforts, the likelihood of recovering funds remains very low.
“Success depends heavily on early action. When funds reach CEXs and users quickly file a (law enforcement) report, there is zero chance of asset freezing. In all fraud-related cases, the success rate of recovery is low, but when intensive endpoints are involved and law enforcement is promptly involved, the funds are quickly involved.”
As a result, user education remains the most effective way to prevent problems that cause these losses.
Beyond detection: What precautions and reactive steps are important?
Trust Wallet incorporates a security scanner that flags threats in real time, such as known scammer addresses, phishing sites, and interactions involving suspicious approvals. But these warning signs are sometimes not sufficient.
Yasmanovych advised that, to protect cryptocurrency wallets, organizations and individuals need to implement Cryptocurrency Security Standard (CCSS) controls to govern key management and ensure operational security.
“Define clear actions for when a key is suspected of being breached, such as expiration, fund transfer, auditing, etc. Use quorum-based access, required for all access to the wallet system and key-handling interfaces, to prevent a single actor from breaching funds.”
Yasmanovych also emphasized the importance of knowing what to do after such an exploit has occurred.
“If you suspect that your cryptocurrency wallet has been compromised, we will act immediately. Report the case to law enforcement, engage with crypto enforcement experts, use chain analysis tools to track stolen funds and monitor movements, and identify any mixers or exchanges involved.”
Despite these measures, the reality remains that vulnerabilities on the part of users continue to lead to losses.
Persistent challenges for user vulnerabilities in mobile wallets
Even with aggressive security measures, the continued regularity of fund losses raises great concern. It highlights the persistent challenge of user-side vulnerabilities in mobile wallets.
The path to a more secure Web3 essentially requires a balance between strong security protocols and proactive user preparation. As a result, a sustained commitment to user education and the widespread adoption of these safeguards remains essential to establishing a safer environment across the industry.