Introduction
The Trust Wallet team has recently disclosed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was responsible for a significant hack of their Google Chrome extension. This incident resulted in the theft of approximately $8.5 million worth of assets.
Details of the Attack
The hackers exploited vulnerabilities in Trust Wallet’s Developer GitHub secrets, gaining unauthorized access to the source code of their browser extension. This breach allowed them to carry out a sophisticated supply chain attack, compromising the trust and security of users relying on Trust Wallet.
Impact
The hack demonstrated the severe consequences that can arise from vulnerabilities in software development processes. It also highlights the importance of robust cybersecurity measures, including regular code reviews and updates to prevent such incidents.
Criticality Score
7/10
Threat Type
Vulnerability
CVE IDs
- CVE-2024-1234 (Hypothetical CVE ID for illustrative purposes)
Suggested Categories
- Supply Chain Security
- Chrome Extension Hacks
- Cybersecurity Incident Report
- Trust Wallet Breach
Relevance Score
85
Articles connexes
