Trust Wallet Security Breach: $7 Million Stolen from 2,596 Users

Trust Wallet recently disclosed that cybercriminals exploited its browser extension in a pre-Christmas attack, resulting in the theft of approximately $7 million from nearly 3,000 cryptocurrency wallet addresses. The popular cryptocurrency wallet, utilized by a vast user base of over 200 million individuals, enables the storage, transfer, reception, and management of various cryptocurrencies like Bitcoin, Ethereum, Solana, and numerous digital tokens through a browser extension and free mobile apps for iOS and Android.

Established in 2017 and subsequently acquired by Binance, a leading cryptocurrency exchange, Trust Wallet remains an autonomous decentralized wallet application. The breach occurred on December 24 when malicious actors compromised version 2.68.0 of the Chrome extension, inserting a malevolent JavaScript file to extract sensitive wallet information, resulting in the substantial financial loss.

Following the incident, Trust Wallet urged users to promptly update to version 2.69 to prevent further unauthorized access to their crypto assets. CEO Eowyn Chen revealed that the malevolent extension was not disseminated through the standard internal release process but likely infiltrated via a leaked Chrome Web Store API key, circumventing regular security checks and ultimately being distributed on December 24, 2025.

In response to the breach, Trust Wallet invalidated all release APIs for two weeks to thwart any potential release of new versions. The company also collaborated with the registrar NiceNIC to suspend the domain responsible for the data exfiltration. Despite these measures, the cybercriminals launched a phishing campaign exploiting the turmoil, masquerading as a Trust Wallet site and requesting users to disclose their wallet recovery seed phrase under the guise of a vital security update.

Subsequently, Trust Wallet confirmed that nearly 3,000 wallets were impacted by the breach, with plans to reimburse all affected individuals. To ensure accurate compensation, users are required to provide specific details, including contact information, compromised wallet addresses, the hacker’s address, and transaction hashes associated with the unauthorized withdrawals. The compensation process is underway, with the company diligently verifying claims to distinguish legitimate victims from malicious actors.

As the investigation progresses, Trust Wallet emphasizes the importance of vigilance, cautioning users against fraudulent support accounts, Telegram scams, and fake compensation forms. Users are advised to verify links, refrain from sharing recovery phrases, and exclusively utilize official Trust Wallet communication channels to safeguard their assets.