Trust Wallet revealed the security flaw to exploiting its customer support system on January 29th. Although no user funds were lost, and no private keys stolen from users’ third-part wallets the attackers had for a brief moment accessed the file with names, email addresses used on support tickets.
The breach was detected during a regular security inspection which then allowed for an appropriate response to take place.
The attack, thus considered a phishing scam by Trust Wallet is also confirmed to be unauthorized access only of the outside cover alone as no intrusion into support tickets inner contents has been admitted.
This attack illustrates that crypto-phishing has become a trend as the additional hardware Trezor wallet and other platforms such as Coingecko or De.Fi has been victims in recent weeks.
In this case, such users should always remain cautious and avoid unsuspiciously emails or links on particular social media platforms that can be announced in the form of a legitimate crypto service.