SlowMist’s Cosine states that the Trust Wallet patched version still has not removed PostHog JS, which may pose security risks
According to Deep Tide TechFlow, on December 26, SlowMist's Cosine disclosed that Trust Wallet browser extension version 2.68.0 was injected with malicious code. The attacker implanted PostHog JS to collect users' wallet private information, including mnemonic phrases, and sent the data to a server controlled by the attacker at api.metrics-trustwallet[.]com. Although Trust Wallet has released a fixed version 2.69.0, SlowMist's Cosine pointed out that this version still has not removed the PostHog JS code.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Analysis: Bitcoin Faces Intense Churn at $87,000, Signaling Market Directional Decision
Web3 ride-hailing app TADA plans to enter New York in June 2026
Half Wood Summer: No Need to Overly Bearish on Bitcoin in the Next 1-2 Months, Trend About to Clarify
Trending news
MoreCrypto prices
More
