ALL POSTS

Key Findings GlassWorm campaign evolved to deliver multi-stage malware framework with data theft and remote access capabilities Operators use Solana blockchain transactions as dead drop resolvers to hide command-and-control infrastructure Malware includes hardware wallet phishing targeting Ledger and Trezor devices with fake recovery phrase prompts Chrome extension masquerading as "Google Docs Offline" steals browser data, cookies, and monitors cryptocurrency exchange session

Key Findings Trust Wallet confirmed a security incident involving its Chrome extension version 2.68 that resulted in approximately $7 million in losses. The malicious code in the compromised extension version prompted users to share their wallet mnemonic phrases, which were then used to drain funds. Trust Wallet is advising all users to urgently update to version 2.69 of the extension to mitigate the issue. The company stated it will ensure all affected users are refunded, wi