Loading Ratings...
Trust Wallet to compensate users after breach involving its Chrome browser extension led to losses of $7 million in digital assets.
Author: Sahil Thakur
Published On: Sun, 28 Dec 2025 01:46:20 GMT
28th December 2025 – Trust Wallet to compensate users after a major security breach involving its Chrome browser extension led to the theft of approximately $7 million in digital assets. Binance founder Changpeng Zhao (CZ) confirmed that the wallet platform will reimburse all affected users.
On December 24, attackers exploited a vulnerability in version 2.68 of Trust Wallet’s Chrome extension. By using a leaked Chrome Web Store API key, they managed to bypass internal release protocols and publish a malicious update. This code harvested wallet seed phrases by embedding malicious code into a commonly used analytics library.
The breach came to light after multiple users reported missing funds. Blockchain investigator ZachXBT first issued an alert on December 25. Trust Wallet responded quickly, releasing a patch through version 2.69 the next day.
The attack affected hundreds of wallets and resulted in the loss of assets across multiple blockchains, including Bitcoin, Ethereum, and Solana. Blockchain security firm PeckShield revealed that over $4 million had already moved through centralized exchanges such as ChangeNOW, KuCoin, and FixedFloat. Meanwhile, around $2.8 million remained in the attacker’s wallets as of December 26.
Importantly, users who accessed the extension before 11 a.m. UTC on December 26 were considered at risk. In contrast, mobile users and those running other extension versions were unaffected.
To address the incident, Trust Wallet launched an official claims process through its support portal. Affected users are required to submit their email addresses, wallet information, and transaction details. CEO Eowyn Chen stated that each claim will undergo thorough verification to ensure both accuracy and security.
Changpeng Zhao also weighed in. Posting on X, he said, “So far, $7 million affected by this hack. Trust Wallet will cover. User funds are SAFU.”
In the days following the breach, fake compensation forms began circulating online. Trust Wallet urged users to avoid unofficial links and instead rely only on its official support channels.
Although Trust Wallet reacted quickly, the breach has reignited concerns about browser-based wallets. This incident shows how a single compromised API key can lead to massive losses—even when internal systems are in place.
With around one million Chrome users, Trust Wallet now faces the challenge of restoring trust. While the company has not yet revealed plans for changes to its release process, it is continuing to cooperate with cybersecurity firms and law enforcement agencies to trace the attackers.
Real voices. Real reactions.
@TrustWallet $24817 was stolen from me this morning at 8:49, transferred first to one wallet, then immediately to another, I still see them on this 3rd wallet, help me get my money back
@cz_binance @TrustWallet The submitted new version means you have flaws in your ci/cd sec process. The fact that it was a source code change means it was most likely a dev unless your version control procedures have been compromised. New versions should require approvals and multi sig and holding
@cz_binance @TrustWallet surely is insider working in the team
Our Crypto Talk is committed to unbiased, transparent, and true reporting to the best of our knowledge. This news article aims to provide accurate information in a timely manner. However, we advise the readers to verify facts independently and consult a professional before making any decisions based on the content since our sources could be wrong too. Check our Terms and conditions for more info.
Trust Wallet to Compensate Victims of Hack Worth $7M
Coinbase Breach Leads to Arrest in India
Trust Wallet Confirms Security Incident After Wallets Drained
Upbit Hack Disclosure: Exchange Covers $37M Loss
Trust Wallet to Compensate Victims of Hack Worth $7M
Coinbase Breach Leads to Arrest in India
Trust Wallet Confirms Security Incident After Wallets Drained
Upbit Hack Disclosure: Exchange Covers $37M Loss
