An attacker has drained “hundreds” of crypto wallets on Ethereum Virtual Machine (EVM) chains, siphoning small sums from each victim. Victims have lost less than $2,000 each, affecting wallets on various EVM-compatible networks, suggesting a widespread incident. The exploit may be linked to a Trust Wallet hack on Christmas. Source: ZachXBT.

A fraudulent email disguised as MetaMask communication may have facilitated the attack, according to cybersecurity researcher Vladimir S. Hackless warns users to revoke smart contract approvals and monitor their wallets. The incident underscores the importance of online safety measures for crypto holders to protect against evolving threats. Source: Vladimir S.

The Trust Wallet hack on Christmas resulted in $7 million in losses, impacting 2,596 compromised wallets. A supply chain attack in November, compromising npm software packages, likely led to the incident. Developer “secrets” leaked from Trust Wallet’s GitHub enabled the attacker to upload a malicious browser extension. Source: Trust Wallet.

Intergovernmental blockchain adviser Anndy Lian believes the Trust Wallet hack was likely an insider job due to the nature of the attack. Binance co-founder CZ Zhao concurs, suggesting an insider with deep knowledge of Trust Wallet’s source code may be responsible. Binance is set to reimburse users for their losses, as the mobile application was unaffected. Source: Anndy Lian.

Read more at Cointelegraph: Hundreds of EVM Wallets Drained of Small Amounts: ZachXBT