Trust Wallet Hacked: What Crypto Users Should Do Now

bitcoinistPublished on 2025-12-26Last updated on 2025-12-26

Abstract

Trust Wallet has confirmed a security incident specifically affecting its Chrome browser extension version 2.68, advising users to immediately disable and upgrade to version 2.69. Mobile-only users and those on other extension versions are not impacted. The breach was first flagged by on-chain investigator ZachXBT, who reported multiple users had funds drained. Cybersecurity firm PeckShield estimates losses exceeded $6 million, with a portion sent to centralized exchanges. Trust Wallet is directing affected users to contact support, and Binance founder Changpeng Zhao has stated that Trust Wallet will cover the estimated $7 million in losses. Users are urged to update their extensions and avoid using version 2.68 until upgraded.

Trust Wallet says a “security incident” hit only one slice of its product stack: the Chrome browser extension on version 2.68. If you are a mobile-only user, the company says you’re not affected. If you are on any other extension version, the company says you’re not affected either. The problem, per Trust Wallet’s own wording, is tightly scoped, even if the fallout doesn’t feel that way when you’re staring at an emptied address.

The first public flare went up on Dec. 25 via on-chain investigator ZachXBT, who posted a Telegram warning that “a number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours.”

He stressed that “the exact root cause has not been determined,” then pointed out an uncomfortable coincidence: “the Trust Wallet Chrome extension pushed a new update yesterday.” In the same message, he asked victims to DM him on X so he could “update the list of theft addresses below as I verify more,” and he began publishing alleged theft destinations across multiple chains. His list included multiple EVM addresses and a Solana address.

Trust Wallet Confirms The Hack

The wallet firm later confirmed the incident on X. “We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69,” the company wrote, linking users to the official Chrome Web Store listing.

It added: “Please note: Mobile-only users and all other browser extension versions are not impacted.” The post closed with the kind of line every security team ends up typing sooner or later: “We understand how concerning this is and our team is actively working on the issue. We’ll keep sharing updates as soon as possible.”

Then the guidance got more urgent, and more specific. Trust Wallet warned users who hadn’t updated to 2.69: “please do not open the Browser Extension until you have updated. This may help to ensure the security of your wallet and prevent further issues.”

In a follow-up, it spelled out a step-by-step that boils down to: don’t open the extension, go to Chrome’s extensions page for Trust Wallet, toggle it off if it’s still on, enable Developer mode, hit “Update,” and confirm you’re on version 2.69 before doing anything else. It’s not glamorous, but it’s actionable, which is what matters when you’re in incident mode.

As the claims and counterclaims swirled, cybersecurity firm PeckShield put an early dollar figure on the damage. “The Trust Wallet exploit has drained >$6M worth of cryptos from victims,” PeckShield wrote, adding that while about “~$2.8M of the stolen funds remain in the hacker’s wallets (Bitcoin/EVM/Solana), the bulk – >$4M in cryptos – has been sent to CEXs,” with a breakdown of “~$3.3M to ChangeNOW, ~$340K to Fixed Float, & ~$447K to Kucoin.”

One more pressure point surfaced quickly: compensation. ZachXBT said, “I currently have many concerned victims contacting me via DM so can your team please clarify if you will be offering any compensation for Trust Wallet Browser Extension users.” Trust Wallet did not answer that directly in public. Instead, it replied that its customer support team was already in touch with impacted users regarding next steps and directed people to reach out via its support channel.

So what should users do now, in plain terms? If you are on extension version 2.68, Trust Wallet’s instruction is to stop using it as-is: disable it and upgrade to 2.69 before you open it again. If you think you were affected, the company is routing users to support, while independent investigator ZachXBT is asking for reports to help map theft flows.

UPDATE: Binance founder Changpeng Zhao confirmed via X that user will be compensated for the hack. “So far, $7m affected by this hack. Trust Wallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. The team is still investigating how hackers were able to submit a new version,” Zhao wrote today.

At press time, the total crypto market cap stood at $2.95 trillion.

Total crypto market cap sits below the 2021 high, 1-week chart | Source: TOTAL on TradingView.com

Related Questions

QWhich specific version of the Trust Wallet extension was affected by the security incident?

AThe security incident affected Trust Wallet Browser Extension version 2.68 only.

QWhat is the primary action users of the affected extension version should take immediately?

AUsers on version 2.68 should disable the extension and upgrade to version 2.69 before opening it again.

QAccording to cybersecurity firm PeckShield, what was the estimated value of crypto drained in the exploit?

APeckShield reported that the exploit drained over $6 million worth of cryptocurrencies from victims.

QWho first publicly reported the potential issue with Trust Wallet on December 25th?

AOn-chain investigator ZachXBT first reported the issue via a Telegram warning.

QDid Trust Wallet or its parent company commit to compensating affected victims?

AYes, Binance founder Changpeng Zhao confirmed via X that Trust Wallet would cover the losses, stating that user funds are SAFU.

Related Reads

LayerZero Breaks Silence On $290 Million KelpDAO Crypto Exploit

LayerZero has addressed the $290 million exploit affecting KelpDAO's rsETH, asserting it was not a protocol failure but a result of KelpDAO's decision to use a single-DVN (Decentralized Verifier Network) configuration. The company claims the attack was isolated to this specific setup and confirms no contagion risk to other assets or applications. Preliminary analysis suggests the attack was executed by a sophisticated state actor, likely North Korea's Lazarus Group. The method involved poisoning RPC infrastructure used by the LayerZero Labs DVN, swapping binaries on compromised nodes, and using DDoS attacks to force traffic to the malicious infrastructure. However, LayerZero states its least-privilege principles prevented a direct compromise. The exploit was only possible due to KelpDAO's 1-of-1 verifier setup, which contradicts LayerZero's recommended multi-DVN redundancy model. A properly configured system with multiple independent DVNs would have prevented the attack. LayerZero has deprecated affected nodes, restored its DVN, and will no longer support 1/1 configurations. Aave has frozen rsETH and WETH reserves on its platforms as a precaution while confirming rsETH on Ethereum mainnet remains fully backed.

bitcoinist28m ago

LayerZero Breaks Silence On $290 Million KelpDAO Crypto Exploit

bitcoinist28m ago

Investor Confidence in Ozak AI Continues To Rise Despite Broader Uncertainty Across Crypto Markets

Despite broader crypto uncertainty with Bitcoin and Ethereum consolidating, Ozak AI ($OZ) continues to attract investor confidence, raising over $6 million in its presale. The project combines AI and DePIN (Decentralized Physical Infrastructure Network) to offer automation, prediction analytics, and scalable infrastructure. Key factors driving interest include its utility-focused approach, cross-chain support, staking mechanisms, and strategic partnerships with entities like SINT, Hive Intel, Pyth Network, and Dex3. These collaborations enhance data availability, liquidity, and execution capabilities. Priced at $0.014 in presale, Ozak AI’s tangible traction and long-term ecosystem potential position it strongly amid market volatility.

TheNewsCrypto47m ago

Investor Confidence in Ozak AI Continues To Rise Despite Broader Uncertainty Across Crypto Markets

TheNewsCrypto47m ago

Unicoin Foundation Debuts, Aligning Social Impact with the Future of Responsible Crypto

Unicoin Inc. has launched the Unicoin Foundation, a mission-driven organization aimed at leveraging blockchain for social impact and expanding digital economy access. The Foundation’s with evolving regulatory clarity under SEC Chair Paul Atkins, emphasizing transparency and responsible innovation. Its flagship initiative, “Crypto for Good,” focuses on financial literacy, entrepreneurship support, and ecosystem development to enable broader participation in crypto, particularly for underrepresented communities. The Foundation will operate under independent governance chaired by Robert Newman, with a board of 27 directors elected by shareholders. This follows a shareholder vote where nearly 99% approved the transition to an independent structure, aligning with proposed regulatory frameworks for digital assets.

TheNewsCrypto1h ago

Unicoin Foundation Debuts, Aligning Social Impact with the Future of Responsible Crypto

TheNewsCrypto1h ago

Bitcoin Price Could See Another Crash, But What Is The Long-Term Prognosis?

Bitcoin recently surpassed $78,000, reigniting bullish sentiment and expectations of reaching six figures. However, analyst Behdark warns of a potential price crash before any sustained recovery. He suggests current optimism may be misleading, possibly a tactic by market makers to attract buyers before a downturn. Technical analysis indicates bearish patterns, such as a triangle or diamagnetic formation, signaling a likely decline. Key resistance levels to watch are $77,000 and $80,552, where a reversal may occur. If a correction happens, support levels are identified near $72,800, $67,885, and $67,677, with a break below possibly leading to a further 10% drop. The long-term outlook remains above the $60,000 cycle support, suggesting eventual recovery after a short-term dip.

bitcoinist2h ago

Bitcoin Price Could See Another Crash, But What Is The Long-Term Prognosis?

bitcoinist2h ago

Prediction Markets Under Bias

The article "Prediction Markets Under Bias" by Jeff Park of Bitwise argues against the common media portrayal of prediction markets as mere gambling or a social ill. It distinguishes between gambling and investment based on whether a participant's strategy has a positive expected value (+EV), not the market's structure. The author contends that prediction markets, like poker, are skill-based and can be a legitimate form of investment, offering individuals autonomy, truth discovery, and decentralized value. The piece critiques the common conflation of prediction markets with casino gambling, highlighting their role in risk hedging and capital efficiency, similar to insurance and securitization. A key differentiator is their precision and finite expiration, which makes prices directly anchor to factual outcomes, rewarding deep research and information advantage rather than punishing the uninformed. The author concludes that media opposition often stems from a structural bias, as these markets challenge traditional information gatekeepers and promote a more democratic, transparent system for pricing truth. The real debate is not about information having a price, but about who controls and profits from it.

marsbit3h ago

Prediction Markets Under Bias

marsbit3h ago

Trading

Spot
Futures
活动图片