Trust Wallet's Latest Patch Still Leaves Security Loophole, SlowMist Alert Reveals


Security researchers from SlowMist have raised a critical alert regarding Trust Wallet’s browser extension, warning that a significant vulnerability persists even after the latest update. According to the SlowMist report, version 2.69.0, which was supposed to address previous security concerns, continues to carry problematic code that threatens user asset safety.

The Ongoing Risk: PostHog JS Still Present

The investigation reveals that the PostHog JS code remains embedded in the patched version despite Trust Wallet’s attempt to fix the issue. This is particularly concerning given the serious nature of the original vulnerability: the malicious code was designed to intercept sensitive wallet information, including seed phrases and recovery mnemonics, and transmit it to an attacker-controlled server at api.metrics-trustwallet.com.

Timeline of the Security Incident

Trust Wallet’s browser extension version 2.68.0 was initially identified as containing harmful scripts capable of harvesting critical wallet data. While the development team responded by releasing version 2.69.0 as a remediation measure, the SlowMist report demonstrates that the dangerous code elements were not fully eliminated during the update process.

What This Means for Users

The persistence of PostHog JS in the updated version represents an unresolved threat vector. Users who have upgraded to 2.69.0 may still face risks associated with data collection and potential exposure of their most sensitive credentials. The fact that SlowMist felt compelled to issue a follow-up warning suggests the patch fell short of comprehensive remediation.
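An added example, not code from SlowMist or Trust Wallet: a triage check that scans an unpacked copy of an extension for the two indicators this article names and reports the manifest version alongside the files that contain them. The directory layout and sample files are constructed, and a match on `posthog` alone only flags a file for manual review, since the string also appears wherever the legitimate analytics library is bundled.

```python
import json
import tempfile
from pathlib import Path

# Indicators taken from the article; matching is case-insensitive.
INDICATORS = ("posthog", "api.metrics-trustwallet.com")
SCANNED_SUFFIXES = {".js", ".mjs", ".html", ".json"}


def scan_extension(root):
    """Return (manifest version, {relative path: [indicators found]})."""
    root = Path(root)
    manifest = root / "manifest.json"
    version = None
    if manifest.is_file():
        version = json.loads(manifest.read_text(encoding="utf-8")).get("version")
    hits = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in SCANNED_SUFFIXES:
            continue
        # Bundles are often minified into one huge line, so search the whole
        # file rather than line by line; undecodable bytes are ignored.
        text = path.read_text(encoding="utf-8", errors="ignore").lower()
        found = [i for i in INDICATORS if i in text]
        if found:
            hits[path.relative_to(root).as_posix()] = found
    return version, hits


def build_constructed_sample(root):
    """Write a tiny constructed extension tree (not real Trust Wallet code)."""
    root = Path(root)
    (root / "js").mkdir(parents=True)
    (root / "manifest.json").write_text(
        json.dumps({"name": "sample", "version": "2.69.0"}))
    (root / "js" / "background.js").write_text('import("./vendor.js");')
    (root / "js" / "vendor.js").write_text(
        'var PostHog={api_host:"https://API.metrics-trustwallet.com"};')
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        version, hits = scan_extension(build_constructed_sample(tmp))
        print("manifest version:", version)
        for rel, found in hits.items():
            print(f"{rel}: {', '.join(found)}")
```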

This incident underscores the importance of vigilant security practices and the need for thorough vetting before deploying browser extensions that handle sensitive cryptographic material.
