A significant security breach was reported involving the Trust Wallet Chrome extension on December 26, 2025. The attack stemmed from a supply-chain vulnerability that compromised version 2.68 of the browser extension, enabling hackers to inject malicious code. This allowed them to access user seed phrases and subsequently drain their cryptocurrency wallets. Fortunately, users who utilize the mobile-only version of Trust Wallet were not impacted by this incident.
The financial ramifications of the breach are considerable, with approximately $7 million in funds stolen. Various blockchain networks were affected, including Bitcoin, Ethereum, and Solana. Hundreds of users experienced losses, with individual amounts varying significantly, reaching as high as $3.5 million in some cases. Investigators, including ZachXBT and Lookonchain, confirmed the on-chain movement of the stolen funds to numerous exchanges.
The exploit is believed to have taken place on Christmas Day, December 25, prior to its public disclosure. In response to the situation, Changpeng Zhao, the founder of Binance, which owns Trust Wallet, confirmed that all affected users would receive full reimbursements. He emphasized that the issue was limited to the compromised extension version, assuring users that the core systems and funds remained secure.
To address the vulnerability, Trust Wallet has released an updated version, 2.69, which eliminates the malicious code. Users are strongly advised to take immediate action by disabling and removing version 2.68, updating to version 2.69, and transferring their assets to a new wallet. It is critical for users to assume their seed phrases may have been compromised during this incident.
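The version check behind that advice can be scripted for one machine or a fleet. The following is an added example, not code from Trust Wallet or from the original article. It assumes Chrome's usual on-disk layout for installed extensions, and the extension ID is a value the reader supplies, since the article does not give it.

```python
import json
from pathlib import Path

AFFECTED = (2, 68)   # version the article names as compromised
FIXED = (2, 69)      # version the article names as the fix


def parse_version(text):
    """Turn a manifest version such as '2.68' or '2.68.0' into a tuple of ints."""
    parts = [int(p) for p in text.strip().split(".")]
    while len(parts) > 1 and parts[-1] == 0:   # treat 2.68.0 the same as 2.68
        parts.pop()
    return tuple(parts)


def classify(version_text):
    v = parse_version(version_text)
    if v == AFFECTED:
        return "affected"
    return "fixed-or-later" if v >= FIXED else "before-fix"


def audit_profile(extensions_dir, extension_id):
    """Return [(version, status, path)] for every copy of one extension on disk.

    Assumed layout: <extensions_dir>/<extension_id>/<version>_<n>/manifest.json
    The manifest's own "version" field is read rather than trusting the folder name.
    """
    findings = []
    for manifest in sorted(Path(extensions_dir, extension_id).glob("*/manifest.json")):
        try:
            version = json.loads(manifest.read_text(encoding="utf-8"))["version"]
            status = classify(version)
        except (OSError, ValueError, KeyError, TypeError, AttributeError):
            version, status = "?", "unreadable"   # damaged manifest: review by hand
        findings.append((version, status, str(manifest.parent)))
    return findings


def needs_rotation(findings):
    """True if any copy on disk is the affected build: treat the seed phrase as exposed."""
    return any(status == "affected" for _, status, _ in findings)


if __name__ == "__main__":
    import sys
    results = audit_profile(sys.argv[1], sys.argv[2])  # <profile>/Extensions EXTENSION_ID
    for row in results:
        print(*row)
    print("rotate seed phrase:", needs_rotation(results))
```

A clean result does not show that version 2.68 never ran on the machine, because Chrome removes superseded version folders after an update; the article's advice to assume the seed phrase may be compromised still applies.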
This hack serves as a stark reminder of the persistent risks associated with browser extensions, even those updated through official channels. Security experts continue to urge users to adopt best practices, such as utilizing hardware wallets for significant holdings, avoiding the storage of long-term assets in hot wallets, and verifying updates through official communications.