SlowMist’s Cosine states that the Trust Wallet patched version still has not removed PostHog JS, which may pose security risks
According to Deep Tide TechFlow, on December 26, SlowMist's Cosine disclosed that Trust Wallet browser extension version 2.68.0 was injected with malicious code. The attacker implanted PostHog JS to collect users' wallet private information, including mnemonic phrases, and sent the data to a server controlled by the attacker at api.metrics-trustwallet[.]com. Although Trust Wallet has released a fixed version 2.69.0, SlowMist's Cosine pointed out that this version still has not removed the PostHog JS code.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
The holdings of a smart money address in this round have increased to 3,100 ETH, worth approximately $9.543 million.
RootData: QAI will unlock tokens worth approximately $17.72 million in one week
Ranger public offering subscription exceeds $86 million, RNGR market cap currently reported at $17.83 million
Trending news
MoreCrypto prices
More
