Trust Wallet’s Rapid Response

Trust Wallet’s Rapid Response Following the incident, Trust Wallet temporarily disabled all release APIs for two weeks to stop any new versions from being pushed. It also acted to prevent further data leaks by alerting registrar NiceNIC about the malicious exfiltration domain, which was quickly taken offline. Funds are being Returned As the fallout continues, Trust Wallet says the attack impacted nearly 3,000 wallets, with the company committing to reimburse every verified victim. However, sorting legitimate claims from fraudulent ones has proven challenging. According to Trust Wallet, investigators have confirmed 2,596 affected wallet addresses so far, but have already received close to 5,000 reimbursement claims. This mismatch suggests a large number of false or duplicate submissions, some of which appear to be attempts to exploit the compensation process itself. To prevent further abuse, the company says it is placing heavy emphasis on verifying wallet ownership. Its team is cross-checking multiple data points to ensure reimbursement funds reach genuine victims rather than bad actors posing as claimants. Even as the review process continues, Trust Wallet has begun issuing reimbursements. Affected users are being asked to submit their contact details, compromised wallet addresses, the attacker’s wallet address, and transaction hashes through a dedicated claims portal. The company has also reiterated a key warning: users should never share private keys, recovery phrases, or passwords under any circumstances.

---