🚨 Security Incident: Trust Wallet Browser Extension Exploit Drains Millions in Crypto
🚨 Security Incident: Trust Wallet Browser Extension Exploit Drains Millions in Crypto
December 26, 2025 — A major security incident affecting the Trust Wallet Chrome browser extension has left numerous users reeling, with reports of unauthorized fund drains totaling millions of dollars. The issue, first highlighted by blockchain investigator ZachXBT and amplified by Cointelegraph, appears linked to a recent update and has sparked widespread concern in the crypto community.
What Happened?
On December 25, 2025, multiple Trust Wallet users reported that funds were suddenly drained from their wallets without any interaction or approval. The timing coincided with a Chrome extension update released on December 24 to version 2.68.
- Users importing seed phrases into the extension experienced immediate drains.
- On-chain analysis revealed funds routed through multiple addresses, suggesting an automated exploit.
- Estimated losses range from $2 million to over $6 million across chains like Ethereum, BNB Chain, Bitcoin, and others.
Developers and security researchers alleged that a new JavaScript file in the update, disguised as analytics code, activated upon seed phrase import and transmitted sensitive data to a malicious domain mimicking official Trust Wallet infrastructure.
Official Response from Trust Wallet
Trust Wallet confirmed the incident on December 25, stating:
"We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69."
- Important: Mobile app users and other extension versions are unaffected.
- Upgrade directly from the official Chrome Web Store: Trust Wallet Extension
- The team is investigating and promised further updates.
No mention of compensation has been made publicly, though support is reaching out to affected users individually.
Community Reaction and Warnings
- ZachXBT initially raised the alarm, collecting affected addresses and urging caution.
- Cointelegraph's post (the original tweet) featured screenshots from ZachXBT's community alert.
- Many users and analysts pointed to this as a potential supply-chain attack, highlighting risks of browser-based hot wallets.
- Recommendations: Use hardware wallets for significant holdings, avoid importing seeds into extensions, and revoke unnecessary approvals.
Key Takeaways and Safety Tips
This incident serves as a stark reminder that even trusted tools can become vectors for attacks through compromised updates.
What to Do If Affected:
- Move any remaining funds to a new wallet with a fresh seed phrase.
- Contact Trust Wallet support via official channels.
- Monitor transactions on explorers like Etherscan or BscScan.
Prevention for the Future:
- Prefer hardware wallets (e.g., Ledger, Trezor) for large amounts.
- Use multi-signature setups or separate hot/cold wallets.
- Always download extensions/apps from official sources.
- Enable security features like Trust Wallet's built-in scanner when available.
- Never share your seed phrase or approve suspicious transactions.
Crypto security is ultimately your responsibility. Stay vigilant, especially during high-activity periods like holidays when exploits seem to surge.
Sources: Cointelegraph, ZachXBT alerts, Trust Wallet official statements, on-chain reports from BeInCrypto, AMBCrypto, and Coingape.