SlowMist’s Cosine states that the Trust Wallet patched version still has not removed PostHog JS, which may pose security risks
According to Deep Tide TechFlow, on December 26, SlowMist's Cosine disclosed that Trust Wallet browser extension version 2.68.0 was injected with malicious code. The attacker implanted PostHog JS to collect users' wallet private information, including mnemonic phrases, and sent the data to a server controlled by the attacker at api.metrics-trustwallet[.]com. Although Trust Wallet has released a fixed version 2.69.0, SlowMist's Cosine pointed out that this version still has not removed the PostHog JS code.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Matrixport: Bitcoin Downside Risk Marginally Eases, Market May Shift to a "Limited Downside" Trading Phase
PancakeSwap: Launches 12 v3 pool LP rewards on Base network
