Trust Wallet Opens $7M Compensation After Chrome Exploit Leaks Seed Phrases

Trust Wallet has opened a formal compensation process for users affected by a security incident involving its Chrome browser extension, after malicious code embedded in a recent update led to the exposure of wallet seed phrases and the loss of millions of dollars in crypto assets.

The company said on Friday that affected users can now submit claims through an official support form hosted on Trust Wallet’s portal.

The claims process requires users to provide basic identifying details, including their email address and country of residence, alongside the compromised wallet addresses, suspected attacker addresses, and relevant transaction hashes.

Trust Wallet said it is prioritizing reviews of all submissions and has committed to compensating every verified victim of the incident.

Trust Wallet Contacts Victims as Scammers Exploit Breach Fallout

In a statement posted on X on December 26, Trust Wallet acknowledged the disruption caused by the breach and said its support team had already begun contacting impacted users.

The company added that each case requires careful verification to ensure accuracy and security and promised to provide ongoing updates as the process moves forward.

At the same time, Trust Wallet warned users to remain vigilant against scams, noting an increase in fake compensation forms, impersonated support accounts, and unsolicited direct messages circulating on Telegram and other platforms.

The compensation announcement followed confirmation of the breach on December 25, when Trust Wallet disclosed that only version 2.68 of its Chrome browser extension was affected.

Blockchain investigator ZachXBT first drew attention to the incident after multiple users reported unauthorized fund outflows shortly after installing the update.

Trust Wallet later urged users running the compromised version to disable it immediately and upgrade to version 2.69.

According to ZachXBT, the number of victims climbed into the hundreds within hours, with more than $6 million siphoned across several blockchains, including Bitcoin, Solana, and EVM-compatible networks.

Several users said their wallets were drained within minutes, with one account on X claiming losses exceeding $300,000, though ZachXBT later flagged that specific account as suspicious.

How a Chrome Extension Update Turned Into a Wallet Heist

Investigators and users reported that the malicious extension appeared legitimate when installed through Chrome’s normal update process.

However, the embedded code allowed attackers to extract users’ recovery phrases, enabling immediate access to their funds.

One user warned that simply importing a seed phrase into the extension triggered instant wallet draining.

Browser extensions typically operate with elevated permissions, giving them access to web pages, storage, and browsing data, which makes them a powerful target for attackers when abused.

Trust Wallet said mobile app users and those running other versions of its browser extension were not impacted. The Chrome extension itself has roughly one million users, according to its Web Store listing.

In a separate post, Changpeng Zhao, the founder of Binance, which acquired Trust Wallet in 2018, confirmed that all verified losses would be covered. Zhao estimated the total affected amount at around $7 million and said user funds would be reimbursed.

The incident comes amid a broader rise in wallet-related exploits across the crypto industry.

According to Chainalysis, more than $3.4 billion was stolen from January through early December 2025, with a single February compromise at Bybit accounting for nearly half of that total.

Personal wallet compromises have grown steadily over recent years, rising from just over 7% of stolen value in 2022 to more than a third in 2025, excluding the Bybit attack.

Centralized platforms, while less frequently compromised, have also seen increasingly large losses tied to private key breaches.