Trust Wallet Extension Hack: $7 Million Loss and Recurring Risk

The crypto community has faced a serious security incident. Trust Wallet users lost approximately $7 million as a result of a compromised Chrome browser extension. The incident was discovered in late December 2025 and has raised widespread concern within the digital asset ecosystem.

Changpeng Zhao, co-founder of Binance (which owns Trust Wallet), immediately announced compensation for the losses incurred. However, this incident serves as yet another confirmation of the growing security threats to cryptocurrency storage solutions.

Scope of the incident: how users lost funds

On December 25th, on-chain analyst ZachXBT detected abnormal activity on the network. “The community warns: several Trust Wallet users reported that funds were drained from their addresses over the past few hours,” he stated. “Although the exact cause has not been fully determined, it is worth noting that the Trust Wallet extension for Chrome received an update immediately before the incident.”

The vulnerability affected version 2.68 of the browser extension. Crypto wallets are inherently sensitive systems: they store private keys that give full control over the user’s digital assets. The compromised extension allowed malicious actors to access these keys and authorize transfers to addresses under their control.

Official response and technical solution

The Trust Wallet team responded promptly to the threat by posting a message on social media platform X. Developers strongly recommend users avoid version 2.68 and immediately update to version 2.69, where the vulnerability has been fixed. “Mobile-only users and all other versions of the browser extension are not at risk,” clarified the wallet team.

In addition to the technical fix, Changpeng Zhao promised full reimbursement of the stolen $7 million to affected users, significantly mitigating the incident’s consequences.

Growing wave of cybercrimes against crypto assets

This incident occurred amid an unprecedented rise in cryptocurrency thefts. According to analytics firm Chainalysis, in 2025, a total of $6.75 billion worth of crypto assets were stolen. Particularly alarming is the statistics on personal wallet hacks: their number reached 158,000 cases, more than doubling the previous year’s figure (64,000 hacks).

However, there is a positive trend: the share of stolen funds from personal wallet hacks decreased from 44% to 20% of the total theft volume, indicating increasing adoption of more secure solutions for asset storage.

Recommendations for users

The $7 million incident serves as a reminder of the vulnerabilities of browser extensions as a class. Experts recommend:

• Ensuring your Trust Wallet extension is updated to at least version 2.69
• Checking your wallet’s transaction history for unauthorized transfers
• Considering the use of hardware wallets for storing significant amounts of cryptocurrency
• Enabling two-factor authentication wherever possible

While the promised compensation will positively impact trust in the platform, this case underscores the need for constant vigilance when working with digital assets.