Earn up to 50% APR
Boost earnings with NFTs
Play, HODL & earn more
Inside the Trust Wallet Hack: Supply Chain Failure and Insider Suspicions
Crypto-Detective
1
Posts
1
Posters
11
Views
-
Trust Wallet’s post-mortem revealed the attack likely stemmed from the “Sha1-Hulud” supply chain exploit, which compromised npm packages widely used across the crypto industry. Leaked GitHub secrets reportedly gave attackers access to Trust Wallet’s source code and its Chrome Web Store API key, enabling the upload of a malicious extension.
The sophistication of the breach has fueled speculation about insider involvement. Intergovernmental blockchain adviser Anndy Lian and Changpeng Zhao both suggested the attacker’s deep familiarity with the codebase raises red flags — a reminder that internal security can be just as critical as defending against external threats.
