- Trust Wallet’s Chrome extension was hacked, leading to a $7M loss.
- Binance founder CZ announced investigation into update submission.
- Trust Wallet plans to fully compensate affected users.
Trust Wallet experienced a breach of its Chrome extension (v2.68) on December 24-26, 2025, resulting in $7 million in user fund losses, fueled speculation of insider involvement.
The incident underscores potential insider threats in cryptocurrency security, raising concerns about user protection and transparency in wallet operations, as Binance commits to covering the losses.
Trust Wallet’s Chrome browser extension was compromised between December 24-26, 2025, resulting in approximately $7 million in user funds being drained. The hack targeted version 2.68 of the extension, prompting urgent user updates.
The key players include the Trust Wallet team, who reported the incident on their official X account (TrustWallet updates on compensations and user safety protocols). Binance founder CZ confirmed the losses and indicated an ongoing investigation into how the update was submitted.
Hundreds of wallets were affected, with nearly $2.8 million remaining in hacker wallets while over $4 million was sent to cryptocurrency exchanges. This incident struck a blow to user confidence in crypto wallet security.
PeckShieldAlert reported on-chain data indicating significant unauthorized transactions, spreading concern among users regarding their fund safety. Trust Wallet committed to full compensation to maintain user trust.
Blockchain investigator ZachXBT tracked the funds, revealing insights into the extent of the breach. The incident highlighted potential security vulnerabilities within browser extensions.
Security experts suggest that insider knowledge might have facilitated this breach, pointing to potential regulatory scrutiny (AndrewMohawk tweets about recent scams affecting crypto investors). The case draws comparisons to previous supply-chain attacks involving malicious code modifications.
