On Christmas Day 2025, hundreds of crypto users woke up to a nightmare: their wallets suddenly empty. A sneaky vulnerability in Trust Wallet’s browser extension let attackers steal around $7 million in digital assets. The good news? Binance founder Changpeng Zhao (CZ) quickly stepped in, promising every affected user would get their money back in full.
What Happened in the Trust Wallet Incident?
Trust Wallet, one of the most popular non-custodial crypto wallets, suffered a security breach limited to its Chrome browser extension. The problem was in version 2.68, where malicious code sneaked in during an update process. When users unlocked their wallets or imported seed phrases, the bad code quietly sent private keys to the attackers.
Funds were drained across chains like Ethereum, Bitcoin, and Solana, often within hours of interaction.

Importantly, the mobile app and other browser versions remained safe—only the specific Chrome extension version was hit.
How the Flaw Worked and Why It Was Dangerous
Security experts traced the issue to a backdoor in the extension’s code that decrypted and exfiltrated mnemonic phrases (your wallet’s master key). Attackers somehow got a compromised version uploaded to the official Chrome Web Store.
As reported by blockchain security firm SlowMist, the malicious domain involved was registered weeks earlier, suggesting a planned attack.

CZ’s Response and Full Compensation Promise
Changpeng Zhao, known as CZ and the driving force behind Trust Wallet (acquired by Binance years ago), addressed the community directly on X. He confirmed the $7 million impact and stated: “Trust Wallet will cover. User funds are SAFU.”

“SAFU” refers to Binance’s Secure Asset Fund for Users, an emergency reserve set up in 2018 to protect against losses like this. Trust Wallet committed to reimbursing everyone affected, drawing from similar protective measures.

Steps Users Should Take Right Now
If you use Trust Wallet’s browser extension:
Immediate Actions
- Check your version—if it’s 2.68, disable it right away.
- Update to version 2.69 only from the official Chrome Web Store.
- Avoid opening the old extension to prevent any lingering risks.
Mobile users: You’re in the clear, but always download updates from trusted sources.
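The version check from the list above can be scripted across one or many Chrome profiles. The following is an added example, not code from Trust Wallet or from the original article. It relies on Chrome's on-disk layout of `Extensions/<extension id>/<version>_0/manifest.json`, and the extension ID, the sample profile and the status labels are placeholders constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

AFFECTED = "2.68"  # version the article names as compromised
FIXED = "2.69"     # version the article says to update to

def parse_version(text):
    """Manifest versions are dot-separated integers; trailing zeros are dropped."""
    parts = [int(p) for p in text.strip().split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def installed_versions(profile_dir, extension_id):
    """Parsed versions found under <profile>/Extensions/<id>/*/manifest.json."""
    root = Path(profile_dir) / "Extensions" / extension_id
    if not root.is_dir():
        return []
    found = []
    for manifest in sorted(root.glob("*/manifest.json")):
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
            found.append(parse_version(data["version"]))
        except (OSError, ValueError, KeyError):
            continue  # unreadable or malformed manifest: skip it, do not guess
    return found

def assess(profile_dir, extension_id):
    """Return 'not-installed', 'affected', 'outdated' or 'ok' (labels are this example's own)."""
    versions = installed_versions(profile_dir, extension_id)
    if not versions:
        return "not-installed"
    if parse_version(AFFECTED) in versions:
        return "affected"  # a leftover 2.68 directory still counts
    return "ok" if max(versions) >= parse_version(FIXED) else "outdated"

def make_sample_profile(versions, extension_id="EXTENSION_ID_PLACEHOLDER"):
    """Build a constructed (fake) Chrome profile tree so the check runs offline."""
    profile = Path(tempfile.mkdtemp())
    for v in versions:
        d = profile / "Extensions" / extension_id / f"{v}_0"
        d.mkdir(parents=True)
        (d / "manifest.json").write_text(json.dumps({"name": "sample", "version": v}))
    return profile

if __name__ == "__main__":
    for sample in (["2.68"], ["2.68.0", "2.69"], ["2.69"], ["2.67"], []):
        print(sample, "->", assess(make_sample_profile(sample), "EXTENSION_ID_PLACEHOLDER"))
```

To run it against a real machine, pass the path of the Chrome profile directory and the extension's ID as shown on the chrome://extensions page.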
Long-Term Safety Tips
Consider moving large holdings to a hardware wallet for extra protection. Enable two-factor authentication where possible, and never share your seed phrase.
This incident underscores that even reputable tools can have vulnerabilities, but quick transparency and compensation help rebuild trust.
In the fast-moving world of crypto, events like this serve as reminders to stay vigilant. With full refunds on the way, affected users can breathe easier, but the community will watch closely as investigations continue into how the flaw made it through. Stay safe out there!

