Recovering $1M in User Funds

While blockchain networks are notoriously difficult to hack, cybercriminals still find ways to manipulate users and projects to gain access to their funds. In 2023 alone, more than $1 billion worth of crypto was stolen in multiple attacks according to blockchain analysis firm, Chainanalysis.

Many believe most losses stem from advanced hacking or malware, but the reality is different: the majority of these thefts are the result of social engineering scams. In fact, the FBI’s 2023 report shows 71% of a staggering $5.6 billion in crypto-related losses stem from investment scams rely on social engineering tactics, not hacking.

A recent poll by Trust Wallet revealed how much crypto users know about Web3 security. While most poll respondents claim to exercise caution, the results revealed that 60% of users disregard security warnings even after receiving clear alerts. The poll which was taken by over 1,800 general crypto users and 100 crypto professionals shows that this demographic frequently bypass warnings, prioritizing profit over security.

This widespread complacency makes even seasoned crypto users and financial experts vulnerable to schemes like pig-butchering scams, where trust is built over time before victims are swindled.

Trust Wallet’s Approach to Security

Since its launch in 2017, Trust Wallet has focused on proactive security measures.

To maintain top-tier security standards, Trust Wallet undergoes up to 40 audits a year by renowned third-party firms like Halborn, Kudelski, Cure53 and Certik. In 2024, the company also became the first major self-custody Web3 wallet to earn ISO/IEC 27001:2022 and ISO/IEC 27701:2019 certifications, confirming its dedication to user safety and privacy.

In addition to formal audits, Trust Wallet invites its user community to participate in its Bug Bounty Program, rewarding individuals for identifying security vulnerabilities. This collaborative approach enables Trust Wallet to stay ahead of emerging threats.

From a product perspective, Trust Wallet’s Security Scanner alerts users to risky transactions, dApps, and NFTs, helping them make informed decisions before executing a potentially dangerous action. Each transaction is thoroughly assessed, with clear warning messages for suspicious activity.

Trust Wallet CEO Eowyn Chen emphasizes the role of trust in driving innovation: “Trust and security are the foundation for innovation. In the ever-accelerating world of Web3, innovation isn’t just about introducing new features or technologies — it’s about building a future that users can trust. At Trust Wallet, I’ve always believed that security and trust aren’t hurdles to innovation; they are its foundation. Without them, any advancement is on shaky ground. “

The $1M Recovery: A Testament to Trust Wallet’s Security Team

In 2023, Trust Wallet’s Customer Support team was able to recover over $90,000 USD worth of assets. In 2024, that recovery figure sits at an astounding $1 million USD. The recent and largest recovery ever was $400,000 USD for a user who had fallen victim to a social engineering scam – so subtle, that the victim didn’t notice at first. Through collaboration with the Security team, the user’s funds were recovered.

Social engineering scams like the one mentioned above can happen. For example, an attacker poses as a trusted individual or authority figure, such as a customer support agent from a crypto exchange or wallet, and contacts the user claiming there’s an issue with their account. They persuade the user to provide sensitive information like their login credentials or private keys under the guise of resolving the supposed issue. This allows the attacker to gain unauthorized access to the user’s crypto holdings.

In 2023, a victim lost over $1,500 to a pig butchering scheme. The victim was enticed to join a so-called “mining pool” due to the promised ‘lucrative’ opportunity. However, while transacting with the malicious website, the victim confirmed an approval transaction where the scammer can move the USDT tokens anytime, under the guise of a “requirement” to “earn”. The victim was receiving payouts every day. Then at some point, the victim can’t withdraw anymore and was told by the supposed “customer support” of the malicious website to pay “taxes”. Though it was a bit late, the victim realized this was a fraudulent scheme and immediately reported to Trust Wallet customer support. Fortunately, Trust Wallet’s team were able to track and recover the funds for the victim.

Overall since 2023, Trust Wallet has:

• Prevented over $450M from being sent to scammers through its security scanner.
• Blocked users from connecting to 700+ malicious dApps.
• Assisted in recovering $1.1M in stolen funds.
• Shut down 700+ phishing sites and removed 2,300+ scammer accounts.
• Conducted over 40 security audits per year.

These security measures and efforts underscore Trust Wallet’s commitment to creating a safer environment for users navigating the crypto space.

Reflecting on these security milestones and the need to continually strengthen protection measures, Trust Wallet’s Chief Information Security Officer (CISO), Eve Lam stated;

“These milestones highlight our dedication, but they’re just the start. In the ever-evolving Web3 landscape, security must stay one step ahead of emerging threats. At Trust Wallet, we’re committed to not only protecting users but empowering them, creating a safer, more transparent ecosystem for everyone. As leaders in the crypto community, our focus is on building trust and security for the future, ensuring that users can fully embrace the freedom of Web3 without fear of exploitation.”

The Future of Web3 Security

While Trust Wallet works closely with law enforcement and security experts to assist users, the process of recovering funds remains challenging due to the immutable and irreversible nature of blockchain transactions. In certain cases, assets moved through centralized exchanges can be recovered, but once they pass through privacy tools, recovery becomes nearly impossible.

This highlights a crucial point: prevention is far more effective than recovery. Trust Wallet’s real-time security alerts, provided through its Security Scanner, play a vital role in helping users avoid risky transactions. However, with fewer than 40% of users stopping transactions after receiving these warnings, it’s clear that greater awareness and education are needed to reduce the risks.

Overall, Trust Wallet’s commitment to user protection is focused on prevention. By leveraging tools like the Security Scanner, it aims to foster a safer environment where users can confidently explore Web3. While blockchain offers unparalleled financial freedom, these benefits can only be fully realized when users actively prioritize security and education.

Through continuous enhancement of its security infrastructure and active community engagement, Trust Wallet is helping shape a more secure and transparent future for Web3.