The National Institute of Standards and Technology is analyzing the iOS version of the Binance Trust Wallet app for a vulnerability that could potentially be used to steal funds from crypto wallets.
An agency of the United States Department of Commerce (DOC) is analyzing the Binance Trust Wallet app for a vulnerability that could potentially allow an attacker to steal funds from crypto wallets.
According to the National Institute of Standards and Technology (NIST), the DOC agency tasked with promoting American innovation and industrial competitiveness, a specific version of the Binance Trust Wallet app “misuses the trezor-crypto library” to generate mnemonic words that can be verified only at the entropy source.
An entropy source is a physical location from where data is generated. NIST noted that a similar vulnerability was exploited in July 2023, leading to economic losses. It explained:
