Trust Wallet has confirmed a security incident affecting its Chrome browser extension, specifically version 2.68. The issue was identified during the Christmas period after users reported that funds were drained shortly after restoring their wallets. The company stated that only this single extension version was impacted. Mobile app users and users on other extension versions were not affected.
According to Trust Wallet, the incident involved unauthorized access that allowed attackers to compromise user wallets. Once confirmed, the team advised users to stop using the affected extension immediately and to update to version 2.69.
How the Attack Worked
Investigations showed that the compromised extension contained malicious code. When users imported their seed phrase into version 2.68, the code transmitted sensitive data to an external server controlled by the attacker. With access to the seed phrase, attackers were able to drain wallets almost instantly.
Many users reported that their balances disappeared within minutes of restoring their wallets. In several cases, the affected wallets had been inactive for long periods before the incident.
Read also: Hacker Steals $908K in Delayed USDC Wallet Scam
Scope of the Losses
Trust Wallet has confirmed that approximately $7 million in user funds was affected. Hundreds of wallets were impacted during a short time window, with most unauthorized transactions occurring on December 25.
On-chain analysts and community researchers were among the first to flag unusual transaction patterns. Shortly after, Trust Wallet publicly acknowledged the issue and began issuing warnings through its official channels.
Read also: Not Your Keys, Not Your Crypto: Why You Should Have a Cold Wallet
Response From Trust Wallet and Binance
Trust Wallet released a patched version of the extension, version 2.69, and instructed users not to open the extension until the update was complete. The company also shared step-by-step instructions on how to disable and update the extension safely through the Chrome extensions panel.
Changpeng Zhao, founder of Binance and owner of Trust Wallet, confirmed that all affected users would be fully reimbursed. He stated that user funds are safe and that Trust Wallet will cover the losses in full.
The Trust Wallet team stated that it is still investigating how the compromised version was approved and published on the Chrome Web Store. Early assessments suggest a possible supply chain issue, as the malicious code was present in an official release rather than a fake or third-party extension.
Read also: How to recognize a crypto presale scam? Full guide
User Warnings and Next Steps
Trust Wallet has urged users to interact only with messages from its official channels and to avoid links or instructions shared elsewhere. Users who had version 2.68 installed were advised to update immediately and refrain from restoring wallets until the secure version was confirmed.
The refund process for affected users is currently being finalized, with Trust Wallet stating that instructions will be shared directly with those impacted once the process is complete.
