Trust Wallet Hit by Malicious Update, $7M Stolen — What Happened and What Users Should Do Now

ccn.comPublished on 2025-12-26Last updated on 2025-12-26

Abstract

Trust Wallet's Chrome extension was compromised by a malicious update in version 2.68, leading to an estimated $7 million in stolen cryptocurrency. The breach occurred when users imported their seed phrases into the compromised extension, which secretly transmitted private keys to an attacker-controlled domain. This supply-chain attack went undetected as the malicious code was disguised as analytics software. Binance founder Changpeng Zhao confirmed that affected users would be fully reimbursed through the exchange's SAFU fund. Trust Wallet released a patched version (2.69) and advised users to disable the vulnerable extension immediately. Security experts recommend that impacted users transfer funds to new wallets, avoid reusing exposed seed phrases, and revoke existing approvals. The incident highlights the risks of browser-based wallets and underscores the importance of hardware wallets for larger holdings.

Key Takeaways

  • The Trust Wallet Chrome extension was compromised by malicious code in a recent update.
  • Users who imported seed phrases into version 2.68 lost an estimated $6–7 million.
  • Binance has said affected users will be fully reimbursed through its SAFU fund.

What should have been a quiet Christmas night turned into a nightmare for hundreds of Trust Wallet users, after a malicious update to the wallet’s Chrome extension exposed private keys and led to millions of dollars in stolen crypto.

The issue surfaced late on Dec. 25, when users began reporting that their wallets had been drained shortly after importing their recovery phrases into Trust Wallet’s browser extension.

By the time the dust settled, losses were approaching $7 million, according to Binance founder Changpeng Zhao (CZ).

Try Our Recommended Crypto Exchanges
Sponsored
Disclosure
We sometimes use affiliate links in our content, when clicking on those we might receive a commission at no extra cost to you. By using this website you agree to our terms and conditions and privacy policy.

XM.com

promotions
Get 100% Bonus up to $100 on your first Deposit.
Coins
28
Claim Offer

Bitunix

promotions
Receive up to $100,000 worth of exclusive gifts for newcomers upon registration.
Coins
151
Claim Offer

Bitget

promotions
Earn rewards worth up to 5,000 USDT on your first deposit
Coins
88
Claim Offer

Trust Wallet Hack: What Went Wrong

The breach was traced to Trust Wallet’s Chrome extension version 2.68.

Users who installed the update and imported their seed phrases unknowingly handed attackers the keys to their wallets.

Investigators later determined that the incident was the result of a supply-chain attack.

Malicious code had been quietly slipped into the extension’s JavaScript files, disguised as routine analytics functionality.

When users imported their recovery phrases, the code activated and transmitted sensitive wallet data to a domain controlled by the attacker.

Because the exploit ran silently in the background, there were no obvious warning signs.

Victims didn’t click phishing links or approve suspicious transactions. In many cases , funds disappeared almost immediately after the wallet was restored.

The attacker-controlled domain was registered shortly before the exploit went live and has since been taken offline.

Trust Wallet Responds

Trust Wallet said the vulnerability was limited to the Chrome browser extension and did not affect its mobile apps or the underlying blockchains themselves.

A patched version, 2.69, was released shortly after the issue was identified.

“We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69.”

Users were urged to disable the affected version immediately and update before reopening the extension.

Anyone who imported a seed phrase into version 2.68 has been advised to assume that the wallet is compromised.

While the investigation is still ongoing, early findings suggest the attack targeted the extension’s update process rather than Trust Wallet’s core infrastructure.

It’s the kind of breach that’s become increasingly common as crypto wallets rely more heavily on third-party tooling and browser environments.

Will Users Be Reimbursed? 

CZ confirmed that Binance will cover the losses using its Secure Asset Fund for Users (SAFU), saying affected users would be fully reimbursed.

“So far, $7 million has been affected by this hack. Trust Wallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. The team is still investigating how hackers were able to submit a new version.”

On-chain investigators, including ZachXBT , traced more than $6 million in early losses, with individual users reporting everything from a few thousand dollars gone to much larger balances wiped out.

What Users Should Do Now

Security experts advise that anyone who interacted with the compromised version should transfer funds to a new wallet immediately and never reuse the exposed seed phrase.

Revoking existing approvals tied to affected addresses is also strongly recommended.

The incident has reignited debate around browser-based wallets, which offer convenience but come with added risk, especially during updates.

Many security professionals continue to recommend that users with larger balances rely on hardware wallets, which store private keys offline.

For Trust Wallet users, the timing couldn’t have been worse.

However, the episode serves as a stark reminder of a harsh truth in crypto: the blockchain itself may be resilient, but the software people use to access it remains a frequent point of failure.

As the industry heads into 2026, the Trust Wallet breach adds to a growing list of supply-chain attacks—and a reminder that even trusted tools can become liabilities overnight.

Top Trending Crypto Articles
  • Best Exchanges Check Out Our Recommended Exchanges Here
  • Buy Crypto Fast How To Buy Crypto with a Credit Card Now
  • Safe Crypto Gambling See Our Picks for the Best Crypto Gambling Sites

Related Questions

QWhat was the specific version of the Trust Wallet Chrome extension that was compromised in the attack?

AThe compromised version was Trust Wallet Chrome extension version 2.68.

QHow did the malicious code in the update steal users' funds?

AThe malicious code, disguised as routine analytics functionality, activated when users imported their recovery phrases and transmitted the sensitive wallet data to a domain controlled by the attacker.

QWhat action did Binance take to support the affected users?

ABinance founder Changpeng Zhao (CZ) confirmed that Binance would fully reimburse the affected users, covering the estimated $7 million in losses using its Secure Asset Fund for Users (SAFU).

QWhat should a user do if they imported their seed phrase into the compromised version 2.68?

AThey should immediately transfer their funds to a new wallet with a new seed phrase, never reuse the exposed seed phrase, and revoke any existing approvals tied to the compromised addresses.

QAccording to the article, what type of attack was this incident classified as?

AThe incident was classified as a supply-chain attack, where malicious code was slipped into the extension's update process.

Related Reads

XRP’s Quantum Readiness In 2 Years: What This Means For Investors

XRP Ledger (XRPL) developers have unveiled a four-phase roadmap to achieve full post-quantum readiness by 2028, positioning it ahead of most major blockchains in addressing this critical security challenge. The plan includes creating a fallback mechanism for fund security, testing quantum-resistant signature schemes, and deploying hybrid cryptographic solutions. Ripple’s engineering lead emphasized that this transition represents a fundamental architectural shift affecting key management and validator infrastructure. The urgency stems from growing quantum computing threats, with research indicating that advanced systems could crack current encryption methods, exposing public keys on-chain. The final phase aims for full native post-quantum cryptography implementation by 2028.

bitcoinist4m ago

XRP’s Quantum Readiness In 2 Years: What This Means For Investors

bitcoinist4m ago

U.S. Soldier Arrested After Betting on Maduro's Ouster Nets $400,000; First Insider Trading Case on Polymarket Concluded

A US Army Special Forces sergeant, Gannon Ken Van Dyke, was arrested and charged by the US Department of Justice for insider trading on the prediction market Polymarket. He used classified information related to "Operation Absolute Resolve," a military operation that led to the capture of Venezuelan President Nicolás Maduro in January 2026, to place bets on Maduro's ouster. Between December 27, 2025, and January 2, 2026, Van Dyke invested approximately $33,034 in 13 bets on Polymarket, all predicting Maduro's removal, US military intervention in Venezuela, and related events. He netted a profit of over $409,881. After the operation, he attempted to conceal his actions by withdrawing funds, changing account details, and requesting the deletion of his Polymarket account. This case marks the first time the US Justice Department has prosecuted insider trading on a prediction market. The CFTC also filed a civil suit, invoking the "Eddie Murphy Rule" from the Dodd-Frank Act, which prohibits trading based on misappropriated government information. The incident highlights broader concerns about insider trading on prediction markets, with similar cases recently reported in Israel and France. Polymarket stated it proactively reported the activity and cooperated with the investigation.

marsbit9m ago

U.S. Soldier Arrested After Betting on Maduro's Ouster Nets $400,000; First Insider Trading Case on Polymarket Concluded

marsbit9m ago

US Military Is Running A Bitcoin Node, Four-Star Admiral Reveals

US military is operating a Bitcoin node for cybersecurity experiments and network monitoring, not for financial purposes, according to Admiral Samuel Paparo, commander of US Indo-Pacific Command. During a House Armed Services Committee hearing, Paparo emphasized Bitcoin's value as a computer science tool for power projection and securing networks. He highlighted the protocol's combination of proof-of-work, blockchain, and cryptography as having direct national security implications. The military's interest lies in Bitcoin's technological applications rather than its economic aspects, viewing it as a strategic protocol for cybersecurity and digital property protection.

bitcoinist1h ago

US Military Is Running A Bitcoin Node, Four-Star Admiral Reveals

bitcoinist1h ago

Silicon Valley Godfather Naval Takes the Helm, AngelList Packs Pre-IPO Growth Companies into USVC Fund

This article discusses the USVC Venture Capital Access Fund (USVC), a new investment vehicle co-founded by prominent Silicon Valley investor Naval Ravikant through AngelList. The fund's core mission is to provide retail investors access to high-growth, pre-IPO companies—a segment of the market traditionally reserved for venture capitalists and accredited investors. USVC invests in a portfolio of late-stage private companies, including notable names like xAI, Anthropic, and OpenAI. Its key selling point is allowing ordinary investors to gain exposure to the significant value creation that occurs before a company goes public, as the average age of companies at IPO has increased from 6 years in 1980 to 13 years today. However, the article highlights several important constraints: investors buy fund shares, not direct stock; the fund carries a net annual fee of 2.5%; it offers limited liquidity through quarterly share repurchases; and investments are long-term with no fixed end date. The fund has also garnered attention in the Web3 community due to Naval’s and AngelList’s history of supporting crypto and blockchain projects, positioning USVC at the intersection of traditional venture capital and emerging digital asset investment trends.

marsbit1h ago

Silicon Valley Godfather Naval Takes the Helm, AngelList Packs Pre-IPO Growth Companies into USVC Fund

marsbit1h ago

Aave Is Surrendering the Throne of DeFi Lending Due to Its Own Stupidity

An article titled "Aave Is Giving Up Its Throne in DeFi Lending Due to Its Own Foolishness" discusses how Aave mishandled a crisis following a $292 million hack of rsETH from Kelp DAO, leading to significant outflows and reputational damage. After the hack, Aave failed to promptly reassure users or commit to covering potential bad debt—estimated between $123.7 million and $230.1 million—despite having sufficient reserves. This hesitation triggered panic, resulting in $17.2 billion in outflows and liquidity crises across multiple pools. The author argues that Aave’s poor crisis management and reluctance to act quickly exacerbated the situation, damaging its reputation as the "safest DeFi" platform. Meanwhile, competitor Spark, a fork of Aave V3, capitalized on the situation by attracting fleeing funds, growing its TVL by nearly $2 billion. Spark had previously delisted rsETH, avoiding any exposure to the hack. Its proactive communication and strategic positioning contrast sharply with Aave’s delayed response. Although Aave’s founder later announced a relief plan (DeFi United) with multiple partners and a personal donation, the damage to user trust and liquidity may be lasting. The article concludes that Aave’s missteps have allowed competitors like Spark, Morpho, and Jupiter Lend to challenge its dominant position in DeFi lending.

marsbit1h ago

Aave Is Surrendering the Throne of DeFi Lending Due to Its Own Stupidity

marsbit1h ago

Trading

Spot
Futures

Hot Articles

What is DOGE M

Doge Matrix ($doge m): The New Breed of Community-Driven Cryptocurrency Introduction In the ever-evolving landscape of cryptocurrency, new projects constantly emerge, each aiming to capture the interest of investors and enthusiasts alike. One of the latest entrants to this domain is Doge Matrix, represented by the ticker symbol $doge m. This project has attracted attention thanks to its roots in the popular meme culture surrounding Dogecoin, establishing its place within the web3 space. This article aims to provide a comprehensive analysis of Doge Matrix, covering its overview, creator, investors, functionality, timeline, and notable aspects. What is Doge Matrix ($doge m)? Doge Matrix is a community-driven cryptocurrency project that seemingly builds upon the widespread appeal of Dogecoin, a digital currency known for its Shiba Inu mascot and its meme origins. While the overarching objectives of Doge Matrix are not extensively defined, it is characterised by a commitment to harnessing community involvement and support. Unlike traditional cryptocurrencies that often emphasise utility or intrinsic value through underlying technologies, Doge Matrix positions itself within a space that embraces the cultural phenomenon of cryptocurrencies, particularly appealing to those who resonate with the ethos of meme-based assets. Drawing on the strengths of the Dogecoin community, Doge Matrix operates as part of a broader ecosystem, inviting participation and engagement from users who share an interest in cryptocurrency and the digital landscape. Who is the Creator of Doge Matrix ($doge m)? The identity of the creator of Doge Matrix remains unknown. This lack of transparency is not an uncommon occurrence in the cryptocurrency space, where some projects are launched without revealing the identities of their founders. The absence of information regarding the founding team can raise questions among potential investors about the project’s accountability and direction. Who are the Investors of Doge Matrix ($doge m)? As it stands, there is no publicly available information detailing the investors or investment foundations that back Doge Matrix. The project appears to rely primarily on community support rather than institutional investment. This model aligns with the community-driven nature of the initiative, fostering an environment where the direction of the project is shaped by its participants rather than being dictated by a select few financial backers. How Does Doge Matrix ($doge m) Work? The specifics regarding the operational mechanisms of Doge Matrix are somewhat vague, reflecting a broader trend of projects in the meme coin space where innovative functionalities are not always clearly articulated. Nonetheless, Doge Matrix seems designed to tap into the existing cryptocurrency ecosystem by encouraging user participation while tapping into the familiar cultural references associated with Dogecoin. Its potentially unique characteristics derive from community interactions rather than technological advancements, emphasising shared experiences and collaboration among token holders. While the exact innovations have not been explicitly outlined, the project appears to create a space where community members can engage, share ideas, and propel the project's potential forward. Timeline of Doge Matrix ($doge m) Reflecting on the project’s timeline reveals notable events that have defined its journey thus far: November 25, 2024: Doge Matrix reached its all-time high value, marking a significant milestone in its early history. January 1, 2025: Conversely, Doge Matrix hit its all-time low value, illustrating the volatility often associated with cryptocurrencies, especially in the early stages of a project's lifecycle. Ongoing: The project continues to be actively traded and supported by its community, although specific future milestones or objectives have yet to be disclosed. Key Points About Doge Matrix ($doge m) Community Focus At the heart of Doge Matrix is a commitment to community engagement. The project thrives on the premise of collaboration and shared objectives among its members, emphasising the importance of collective effort. Unlike centralised projects that often have a defined leadership structure, Doge Matrix at present showcases a more fluid approach to governance, where every community member's voice matters. Volatility The cryptocurrency market is notorious for its volatility, and Doge Matrix is no exception. Its price history reflects significant fluctuations between high and low values, which is typical of many new cryptocurrencies but underscores the risks associated with investment in emerging tokens. Lack of Detailed Information One of the most striking features about Doge Matrix is the scarcity of detailed information regarding its technological underpinnings and operational mechanisms. This ambiguity necessitates that potential investors conduct thorough due diligence before engaging with the project. Conclusion In summary, Doge Matrix ($doge m) illustrates a new wave of cryptocurrency projects that lean heavily on community engagement and cultural relevance. While lacking in certain specifics—such as clear leadership, defined objectives, and detailed functionality—the project has managed to generate interest within the crypto community, leveraging the established appeal of meme culture. As with any investment in the cryptocurrency space, understanding the inherent risks and conducting comprehensive research is essential for potential participants. Doge Matrix stands as a reminder of the dynamic, sometimes unpredictable nature of the crypto industry, marked by constant evolution and enthusiasm for community-driven initiatives.

369 Total ViewsPublished 2025.02.03Updated 2025.02.03

What is DOGE M

What is $M

Understanding Mantis ($M): A New Era in Cross-Chain Interoperability In the continually evolving landscape of Web3 and cryptocurrency, new projects strive to offer innovative solutions aimed at enhancing the user experience and expanding functional possibilities within the decentralised financial ecosystem. One such project garnering attention is Mantis ($M), a pioneering protocol founded on the principles of cross-chain interoperability and intent-based settlements. This article delves into the essential aspects of Mantis, including its core functionality, creators, investment backing, innovative features, and critical milestones. What is Mantis ($M)? Mantis is described as a multi-domain intent settlement protocol that simplifies cross-chain interactions, enabling users to execute complex financial transactions across various blockchain platforms seamlessly. The protocol operates through three primary layers: Intent Expression: Users can articulate their transaction goals using natural language facilitated by the DISE LLM, an advanced AI language model. For instance, a user might express a desire to swap Ethereum (ETH) for Solana (SOL) with a specific slippage tolerance of 1%. Execution: This layer employs a network of solvers that compete to fulfil user intents. Transactions are executed using mechanisms such as Coincidence of Wants (CoWs) and Order Flow Auctions (OFAs), which ensure that user demands are met optimally. Settlement: Leveraging the Inter-Blockchain Communication (IBC) protocol, Mantis enables atomic cross-chain transactions, allowing users to operate across various supported chains, including Ethereum, Solana, and Cosmos. Mantis is engineered to introduce native yield generation for idle assets, employing cryptographic proofs to maintain the integrity of transactions throughout the entire process. Creators & Development Team Mantis was conceived by the Composable Foundation, a research-driven organisation notable for its emphasis on blockchain interoperability solutions. This foundation collaborates with esteemed academic institutions, including Harvard University and the University of Lisbon, contributing to extensive research and development efforts that inform Mantis's architecture and functionality. The Composable Foundation’s commitment to fostering innovation in the blockchain space positions Mantis as a robust solution for the growing demand for interoperability among multiple blockchain networks. Investors & Backing While specific details about individual investors have not been publicly disclosed, Mantis enjoys substantial backing from various entities, including: Ecosystem grants from IBC-enabled chains, which support the protocol's growth and integration within decentralised finance ecosystems. Strategic partnerships with infrastructure providers that enhance Mantis's network capabilities and deployment strategies. Funding through the Composable Foundation's treasury, ensuring sustained financial support for ongoing development and operational costs. These collaborative efforts reflect a consensus among stakeholders about the importance of enhancing cross-chain functionality and the potential utility of Mantis's infrastructural innovations. Key Innovations Mantis sets itself apart through several pioneering innovations that enhance its functionality and utility: Chain-Agnostic Intents: Users can initiate transactions from any supported chain while settling on another. This flexibility empowers users, driving increased interaction among different platforms. AI-Powered Interface: The integration of DISE LLM allows users to conduct complex DeFi operations using natural language, thereby simplifying interactions and making blockchain technology accessible to a broader audience. Cross-Domain MEV Capture: Mantis creates an internal market for maximal extractable value (MEV) through competitions among solvers. This innovative approach allows for greater efficiency and value extraction in complex transactions. Modular Settlement Layer: The protocol supports various verification methods, including zero-knowledge proofs and optimistic rollups, providing a versatile framework that can adapt to emerging blockchain technologies. Historical Timeline Mantis's development is marked by several critical milestones that chart its trajectory and growth: | Year | Milestone | |————|————————————————————————-| | 2022 | Initial concept development within the Composable Foundation's research division. | | Q3 2024 | Launch of the testnet with bridging capabilities between Solana and Ethereum. | | Q1 2025 | Anticipated Token Generation Event (TGE) alongside the mainnet launch. | | Q2 2025 | Expected integration of DISE LLM and expansion of cross-chain capabilities. | | 2025 H2 | Planned support for over 15 chains through further IBC upgrades. | This timeline outlines Mantis's evolution, from conceptual discussions to active implementation and future growth phases. Ecosystem Growth Strategy Mantis's strategy for ecosystem growth includes several initiatives designed to encourage user participation and developer engagement: Credits System: Users can earn protocol credits by providing liquidity and engaging in referral programmes. These credits are redeemable for incentives in the future, fostering a robust user community. Modular Software Development Kit (SDK): This toolkit empowers developers to create applications based on intent-driven models utilising Mantis's infrastructure, thus promoting innovation within its ecosystem. Governance Model: As the protocol matures, $M token holders will have a voice in protocol governance, allowing them to vote on proposed upgrades and changes, thereby enhancing community engagement and decentralisation. Mantis represents a significant advancement in the realm of cross-chain architecture. By seamlessly integrating advanced AI algorithms with a robust settlement framework, Mantis seeks to tackle the problems of fragmentation within multi-chain ecosystems. Its innovative approach prioritises improved user experiences while adhering to the foundational principles of decentralisation and security, setting a new standard for the future interoperability of blockchain technologies. As Mantis continues its journey of growth and implementation, it promises to be a project to watch closely in the competitive landscape of Web3 and decentralised finance. With its focus on crossing boundaries and elevating user engagement, Mantis is poised to be an integral part of the future developments in the cryptocurrency space.

41 Total ViewsPublished 2025.03.18Updated 2025.03.18

What is $M

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of M (M) are presented below.

活动图片

Top Questions