Trust Wallet Hacked: What Crypto Users Should Do Now

bitcoinistPublished on 2025-12-26Last updated on 2025-12-26

Abstract

Trust Wallet has confirmed a security incident specifically affecting its Chrome browser extension version 2.68, advising users to immediately disable and upgrade to version 2.69. Mobile-only users and those on other extension versions are not impacted. The breach was first flagged by on-chain investigator ZachXBT, who reported multiple users had funds drained. Cybersecurity firm PeckShield estimates losses exceeded $6 million, with a portion sent to centralized exchanges. Trust Wallet is directing affected users to contact support, and Binance founder Changpeng Zhao has stated that Trust Wallet will cover the estimated $7 million in losses. Users are urged to update their extensions and avoid using version 2.68 until upgraded.

Trust Wallet says a “security incident” hit only one slice of its product stack: the Chrome browser extension on version 2.68. If you are a mobile-only user, the company says you’re not affected. If you are on any other extension version, the company says you’re not affected either. The problem, per Trust Wallet’s own wording, is tightly scoped, even if the fallout doesn’t feel that way when you’re staring at an emptied address.

The first public flare went up on Dec. 25 via on-chain investigator ZachXBT, who posted a Telegram warning that “a number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours.”

He stressed that “the exact root cause has not been determined,” then pointed out an uncomfortable coincidence: “the Trust Wallet Chrome extension pushed a new update yesterday.” In the same message, he asked victims to DM him on X so he could “update the list of theft addresses below as I verify more,” and he began publishing alleged theft destinations across multiple chains. His list included multiple EVM addresses and a Solana address.

Trust Wallet Confirms The Hack

The wallet firm later confirmed the incident on X. “We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69,” the company wrote, linking users to the official Chrome Web Store listing.

It added: “Please note: Mobile-only users and all other browser extension versions are not impacted.” The post closed with the kind of line every security team ends up typing sooner or later: “We understand how concerning this is and our team is actively working on the issue. We’ll keep sharing updates as soon as possible.”

Then the guidance got more urgent, and more specific. Trust Wallet warned users who hadn’t updated to 2.69: “please do not open the Browser Extension until you have updated. This may help to ensure the security of your wallet and prevent further issues.”

In a follow-up, it spelled out a step-by-step that boils down to: don’t open the extension, go to Chrome’s extensions page for Trust Wallet, toggle it off if it’s still on, enable Developer mode, hit “Update,” and confirm you’re on version 2.69 before doing anything else. It’s not glamorous, but it’s actionable, which is what matters when you’re in incident mode.

As the claims and counterclaims swirled, cybersecurity firm PeckShield put an early dollar figure on the damage. “The Trust Wallet exploit has drained >$6M worth of cryptos from victims,” PeckShield wrote, adding that while about “~$2.8M of the stolen funds remain in the hacker’s wallets (Bitcoin/EVM/Solana), the bulk – >$4M in cryptos – has been sent to CEXs,” with a breakdown of “~$3.3M to ChangeNOW, ~$340K to Fixed Float, & ~$447K to Kucoin.”

One more pressure point surfaced quickly: compensation. ZachXBT said, “I currently have many concerned victims contacting me via DM so can your team please clarify if you will be offering any compensation for Trust Wallet Browser Extension users.” Trust Wallet did not answer that directly in public. Instead, it replied that its customer support team was already in touch with impacted users regarding next steps and directed people to reach out via its support channel.

So what should users do now, in plain terms? If you are on extension version 2.68, Trust Wallet’s instruction is to stop using it as-is: disable it and upgrade to 2.69 before you open it again. If you think you were affected, the company is routing users to support, while independent investigator ZachXBT is asking for reports to help map theft flows.

UPDATE: Binance founder Changpeng Zhao confirmed via X that user will be compensated for the hack. “So far, $7m affected by this hack. Trust Wallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. The team is still investigating how hackers were able to submit a new version,” Zhao wrote today.

At press time, the total crypto market cap stood at $2.95 trillion.

Total crypto market cap sits below the 2021 high, 1-week chart | Source: TOTAL on TradingView.com

Related Questions

QWhich specific version of the Trust Wallet extension was affected by the security incident?

AThe security incident affected Trust Wallet Browser Extension version 2.68 only.

QWhat is the primary action users of the affected extension version should take immediately?

AUsers on version 2.68 should disable the extension and upgrade to version 2.69 before opening it again.

QAccording to cybersecurity firm PeckShield, what was the estimated value of crypto drained in the exploit?

APeckShield reported that the exploit drained over $6 million worth of cryptocurrencies from victims.

QWho first publicly reported the potential issue with Trust Wallet on December 25th?

AOn-chain investigator ZachXBT first reported the issue via a Telegram warning.

QDid Trust Wallet or its parent company commit to compensating affected victims?

AYes, Binance founder Changpeng Zhao confirmed via X that Trust Wallet would cover the losses, stating that user funds are SAFU.

Related Reads

TechFlow Intelligence Bureau: Chip Stocks Lose Trillions in a Single Day, Bitcoin Falls Below $60,000, US-Iran Conflict Escalates

**Daily Tech & Markets Roundup: AI Advances, Market Turmoil, and Geopolitical Tensions** **AI / LLMs**: Anthropic's internal report on AI self-improvement sparked serious discussions about Recursive Self-Improvement (RSI). Meanwhile, debate continues on AI coding tools after Claude was accused of introducing bugs into the rsync codebase. In positive news, DeepSeek V4 Flash impressed in local deployment tests, and GitHub Copilot now supports custom endpoints for local models. A surprising research turn suggests removing chain-of-thought prompting can sometimes improve LLM performance. **Crypto / Web3**: Bitcoin plunged below $60,000, with its RSI hitting levels last seen during the COVID-19 crash, driven by strong U.S. jobs data reviving interest rate hike fears. Discussions highlight Ethereum DeFi's continued lack of a smooth consumer payment layer. **Chips / Hardware**: Chip stocks suffered a massive sell-off, with the Philadelphia Semiconductor Index posting its worst single-day drop in six years, erasing over a trillion dollars in value. Marvell, Micron, AMD, and Intel were among the biggest losers. **Tech Companies**: A leaked Microsoft document revealing goals to make Copilot "addictive" drew criticism. LinkedIn founder Reid Hoffman left Microsoft's board to focus full-time on his AI agent startup, Manus. Google was revealed to be paying SpaceX $920 million monthly for AI training compute. **Markets & Macro**: A blowout U.S. jobs report (172k vs. 80k expected) crushed hopes for near-term rate cuts, sending Treasury yields soaring and triggering a broad market sell-off. CEOs from Kraft, McDonald's, and Whirlpool simultaneously warned U.S. consumers are exhausting their savings. **Geopolitics**: U.S.-Iran tensions escalated with missile/drone interceptions and U.S. strikes on Iranian radar sites, keeping the critical Strait of Hormuz largely closed since late February and posing ongoing oil supply risks. **The Bottom Line**: The strong jobs data acted as a single trigger for correlated sell-offs across equities, crypto, and chips. Underlying the volatility is a stark contradiction between robust employment data and warnings of consumer weakness, alongside geopolitical risks that could reignite inflation, leaving markets to price in a fraught macro outlook with no clear "soft landing" path.

marsbit10m ago

TechFlow Intelligence Bureau: Chip Stocks Lose Trillions in a Single Day, Bitcoin Falls Below $60,000, US-Iran Conflict Escalates

marsbit10m ago

Solana Treasury Giant Sends 455,784 SOL To Coinbase Prime: Selling Move?

Forward Industries, the largest corporate holder of Solana (SOL), has deposited 455,784 SOL (worth approximately $31.87 million) to Coinbase Prime. This move is seen as a potential sign the company may be preparing to sell, as its treasury strategy is currently at a significant loss. The firm accumulated 6.83 million SOL at an average price of $232.08 in 2025, but with SOL now trading around $65, its holdings are valued at just $452 million, representing a steep decline. This action follows similar pressures on other major crypto treasury firms, like Bitcoin holder Strategy, which are also deep in the red due to the broader market downturn. Solana's price has fallen over 19% in the past week.

bitcoinist10m ago

Solana Treasury Giant Sends 455,784 SOL To Coinbase Prime: Selling Move?

bitcoinist10m ago

It Took Me a Year to See the Bitter Truth About Agent Payments

After a year building infrastructure for the Agent economy, engaging with major players like Stripe, Visa, and Coinbase, the author shares a sobering analysis of the current state of Agent payments. The core finding is a stark lack of genuine, immediate demand across most envisioned use cases. The article breaks down four key market segments: 1. **Agent-to-Merchant (Consumer Shopping):** For most product categories (e.g., clothing, electronics), conversational AI shopping is a step backwards from visual e-commerce interfaces. While agents excel at understanding needs, they can't replace side-by-side product comparison. Real merchant interest is defensive "Agent Engine Optimization," not driven by current customer demand. Potential exists for high-frequency, low-decision purchases (like food delivery) or navigating complex store UIs, but these require massive B2C distribution channels dominated by giants like Amazon. 2. **Agent-to-API (Developer Services):** Developers already have subscriptions and billing relationships for APIs (compute, data). Prepaid balances solve micro-payment issues for low transaction volumes. A deeper structural problem is that major SaaS vendors' business models rely on enterprise contracts, resisting granular pay-per-call pricing. While protocols like MPP and x402 serve the long tail of niche services, this market is small and developers are historically low-willingness-to-pay. 3. **Agent-to-Agent:** This remains largely theoretical with minimal transaction volume. While it represents a long-term bet on a fundamentally new transaction infrastructure (sub-second, micro-penny to million-dollar, multi-party settlements), it does not constitute a present market. 4. **Agent-to-Finance:** This is the only category with existing, paying demand. Integrating AI into financial workflows (trading, portfolio management) is a natural evolution and enables new capabilities like autonomous rebalancing. However, competition favors established, regulated institutions. The "real problem" is not moving money between agents, but the broader challenge of **coordination**—orchestrating work between agents and humans, verifying outcomes, and settling results. Payment is just one component of settlement, which is itself part of coordination. Companies that solve the coordination layer will subsume payment, not the other way around. While well-funded incumbents build defensively for a long-term future, startups must find where the market is today—which, for the author's team, lies outside these four categories in an area of real, growing, and underserved activity.

marsbit53m ago

It Took Me a Year to See the Bitter Truth About Agent Payments

marsbit53m ago

It Took Me a Year to See the Hard Truth About Agent Payments

**Title: It Took Me a Year to See the Hard Truth About Agent Payments** Over the past year, I've worked on infrastructure for the Agent economy, engaging with major players like Stripe, Visa, Coinbase, and numerous startups. The findings reveal a stark reality: genuine, widespread demand for Agent-based payments does not yet exist. **Key Observations:** * **Agent-to-Merchant (Shopping):** The user experience for AI shopping often falls short, especially for visual product discovery. While AI excels at understanding needs, conversational interfaces can't yet replace browsing and comparing multiple products visually. Current merchant interest is largely defensive ("Agent Engine Optimization") for a future that hasn't arrived. High-frequency, low-friction purchases (like food delivery) are potential fits, but lack open APIs and face high AI inference costs. Simpler, more affordable, or cross-language interactions for complex UIs are a niche opportunity but require massive consumer distribution to scale. * **Agent-to-API (Developer Tools):** Developer payment needs for APIs (computing, data, models) are already met through subscriptions and prepaid credits. The core challenge is not payment friction but supplier economics: most large SaaS providers prefer enterprise contracts over micropayments for API calls. Protocols like MPP and x402 suit the long-tail of smaller services but cater to a developer market historically reluctant to pay for these tools. Major infrastructure needs at the top of the stack are already being addressed. * **Agent-to-Agent (Machine Commerce):** This is a long-term vision with almost no current transaction volume. While a future with high-speed, high-frequency, multi-party machine-to-machine transactions would require novel infrastructure, it remains theoretical. The market is not here yet. * **Agent-to-Finance:** This is the only category with clear, present demand. Financial professionals and DeFi users already pay for tools, and AI augmentation is a natural evolution. Autonomous AI agents can enable entirely new financial strategies. However, competition is fierce from established, regulated incumbents who can more easily layer AI onto their existing products. **The Core Insight:** Companies, especially giants with long time horizons, are building defensively for a potential future of mass machine commerce. For them, early investment is a low-cost hedge. For startups, the current market reality is different. The primary challenge isn't just moving money between agents (payments). The larger, unsolved problem is **orchestration** – coordinating work between agents and humans, verifying outcomes, and then settling. Payment is just a part of settlement, which is just a part of orchestration. Companies that solve the orchestration problem will subsume payments, not the other way around. After a year of building, we see the real, growing, and underserved market opportunity lies in this broader domain of orchestration.

链捕手1h ago

It Took Me a Year to See the Hard Truth About Agent Payments

链捕手1h ago

Claude Opus 4.8 Finds a $4.5 Billion Bug: The AI Era is Mass-Producing Hackers

A researcher discovered a critical "infinite mint" vulnerability in the Zcash cryptocurrency's Orchard protocol using Claude Opus 4.8, leading to a swift fix but also a 50% market drop, erasing billions in value. This incident highlights a new era where powerful, accessible AI models are dramatically lowering the barrier to finding software vulnerabilities. Previously, the security community feared specialized models like Claude Mythos Preview, capable of finding decades-old zero-day exploits. The Zcash case, however, involved a publicly available, general-purpose model. This shift makes advanced security auditing—and attack capabilities—accessible to far more people, not just experts. The mass democratization of vulnerability discovery brings a dual challenge: a flood of low-quality, AI-generated false reports that overwhelm maintainers, and the real, rapid uncovering of deep, dangerous bugs. Open-source projects, often understaffed and unfunded, are particularly vulnerable to this "attention DDoS." The article cites examples like curl shutting down its bug bounty program due to the unsustainable workload. Our perceived digital safety has often been luck, relying on the high cost and effort required to find deeply hidden flaws in complex systems, as seen with historical vulnerabilities like Heartbleed or Baron Samedit. AI changes this cost structure, effectively "mass-producing flashlights" to illuminate every corner of our codebase. While large companies operate extensive security chains involving external white-hat hackers and massive defensive operations, the global cybersecurity workforce faces a severe shortage, especially of experienced personnel capable of analyzing complex threats and coordinating fixes. The core dilemma emerges: AI makes *finding* bugs cheap and scalable, but *fixing* them remains a slow, expensive, and human-intensive process. The article concludes that AI won't destroy the internet but acts as a bright light, revealing that our digital existence is not inherently secure but is precariously maintained by ongoing human effort. The true cost in the AI era may not be discovery, but whether there will be enough people left willing and able to do the hard work of repair.

marsbit1h ago

Claude Opus 4.8 Finds a $4.5 Billion Bug: The AI Era is Mass-Producing Hackers

marsbit1h ago

Trading

Spot
Futures
活动图片