A routine update turned into a holiday headache for crypto holders when a hidden flaw in Trust Wallet’s Chrome extension allowed thieves to siphon off over $7 million in assets. Starting on Christmas Day 2025, reports flooded in of wallets being suddenly emptied, but swift action from the team, including an emergency patch and a full reimbursement pledge, limited the fallout and reassured the community.
The Breach: What Went Wrong with the Chrome Extension
The issue hit only version 2.68 of Trust Wallet’s browser extension, released just a day earlier on December 24, 2025. Malicious code, cleverly disguised as analytics tracking, activated when users unlocked their wallets or entered recovery phrases. It quietly decrypted and transmitted those critical seed phrases to a remote server controlled by attackers.

This illustration shows the alarming speed of a typical crypto drain attack, where funds vanish across chains in minutes once keys are exposed.
Blockchain investigators quickly spotted drains on Bitcoin, Ethereum, Solana, and other networks. Mobile app users escaped unscathed, as the vulnerability was isolated to the desktop browser tool.
Technical Details Behind the Vulnerability
Security researchers from SlowMist dissected the compromised code and found a backdoor that scanned stored wallets, prompted for mnemonics, and exfiltrated them to a domain registered weeks in advance. The attacker likely compromised the build or deployment process, inserting the payload without detection.
A screenshot of the Trust Wallet Chrome extension in action—familiar to millions, but version 2.68 carried an invisible threat.
As noted by CoinDesk and The Hacker News, this supply-chain style attack highlights risks in software distribution, even for established providers.
Rapid Response: Patch and Compensation Announced
Trust Wallet wasted no time, rolling out version 2.69 on December 25 to remove the malicious elements. They urged everyone to disable the old version immediately and update only via the official Chrome Web Store.

Warnings like this in the Chrome ecosystem remind users to stay vigilant during updates.
Binance founder Changpeng Zhao (CZ), who owns Trust Wallet, personally confirmed the $7 million impact and vowed full coverage: “User funds are SAFU.”

CZ, a key voice in crypto, stepped up to calm concerns amid the chaos.
This draws from Binance’s long-standing emergency fund, ensuring no victim loses out permanently.
Protecting Yourself: Essential Steps for Trust Wallet Users
If you’re affected or just cautious, here’s what to do right away.
Check and Update Immediately
- Go to Chrome’s extensions page (chrome://extensions/).
- Disable or remove version 2.68 if present.
- Install the safe 2.69 directly from the verified store link.
Avoid opening the old extension, as it could still trigger risks.
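The manual check above can be repeated across every Chrome profile on a machine without opening the extension. The script below is an added example, not code from Trust Wallet or from the reports cited here. It assumes Chrome's usual on-disk layout and that the manifest version reads "2.68" or "2.68.x"; `EXTENSION_ID` is a placeholder because the article does not give the ID.

```python
import json, os, sys
from pathlib import Path

# Placeholder: the article gives no extension ID. Copy the real one from
# chrome://extensions/ (enable Developer mode) before running.
EXTENSION_ID = "REPLACE_WITH_EXTENSION_ID"
AFFECTED = (2, 68)  # compromised release named in the article
FIXED = (2, 69)     # patched release named in the article

def parse_version(text):
    """'2.68.0' -> (2, 68, 0); non-numeric components count as 0."""
    return tuple(int(p) if p.isdigit() else 0 for p in text.split("."))

def classify(version):
    v = parse_version(version)
    if v[:2] == AFFECTED:
        return "affected"
    return "fixed" if v[:2] >= FIXED else "older"

def scan(user_data_dir, extension_id=EXTENSION_ID):
    """Return sorted (profile, version, status) for each on-disk copy.

    Chrome unpacks extensions to
    <user data>/<profile>/Extensions/<id>/<version>_<n>/manifest.json
    """
    found = []
    pattern = f"*/Extensions/{extension_id}/*/manifest.json"
    for manifest in Path(user_data_dir).glob(pattern):
        profile = manifest.parents[3].name
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
            version = str(data["version"])
        except (OSError, ValueError, KeyError, TypeError):
            found.append((profile, "unreadable", "unknown"))
            continue
        found.append((profile, version, classify(version)))
    return sorted(found)

def default_user_data_dir():
    home = Path.home()
    if sys.platform == "win32":
        return Path(os.environ.get("LOCALAPPDATA", home)) / "Google/Chrome/User Data"
    if sys.platform == "darwin":
        return home / "Library/Application Support/Google/Chrome"
    return home / ".config/google-chrome"

if __name__ == "__main__":
    for profile, version, status in scan(default_user_data_dir()):
        print(f"{profile}: {version} -> {status}")
```

Chrome can leave the previous version's directory on disk for a while after an update, so an "affected" row next to a "fixed" row for the same profile should be confirmed against chrome://extensions/.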
Broader Crypto Safety Habits
Move significant holdings to hardware wallets for cold storage. Never enter seed phrases on potentially compromised devices, and watch for phishing attempts exploiting this news.
To wrap up: while the incident briefly shook confidence, Trust Wallet’s transparent handling and commitment to refunds show resilience in the crypto space. As investigations continue into the breach’s origins, it’s a timely nudge for all of us to prioritize security in this fast-evolving world. Stay updated through official channels!

