Trust Wallet Hacked: What Crypto Users Should Do Now

bitcoinistPubblicato 2025-12-26Pubblicato ultima volta 2025-12-26

Introduzione

Trust Wallet has confirmed a security incident specifically affecting its Chrome browser extension version 2.68, advising users to immediately disable and upgrade to version 2.69. Mobile-only users and those on other extension versions are not impacted. The breach was first flagged by on-chain investigator ZachXBT, who reported multiple users had funds drained. Cybersecurity firm PeckShield estimates losses exceeded $6 million, with a portion sent to centralized exchanges. Trust Wallet is directing affected users to contact support, and Binance founder Changpeng Zhao has stated that Trust Wallet will cover the estimated $7 million in losses. Users are urged to update their extensions and avoid using version 2.68 until upgraded.

Trust Wallet says a “security incident” hit only one slice of its product stack: the Chrome browser extension on version 2.68. If you are a mobile-only user, the company says you’re not affected. If you are on any other extension version, the company says you’re not affected either. The problem, per Trust Wallet’s own wording, is tightly scoped, even if the fallout doesn’t feel that way when you’re staring at an emptied address.

The first public flare went up on Dec. 25 via on-chain investigator ZachXBT, who posted a Telegram warning that “a number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours.”

He stressed that “the exact root cause has not been determined,” then pointed out an uncomfortable coincidence: “the Trust Wallet Chrome extension pushed a new update yesterday.” In the same message, he asked victims to DM him on X so he could “update the list of theft addresses below as I verify more,” and he began publishing alleged theft destinations across multiple chains. His list included multiple EVM addresses and a Solana address.

Trust Wallet Confirms The Hack

The wallet firm later confirmed the incident on X. “We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69,” the company wrote, linking users to the official Chrome Web Store listing.

It added: “Please note: Mobile-only users and all other browser extension versions are not impacted.” The post closed with the kind of line every security team ends up typing sooner or later: “We understand how concerning this is and our team is actively working on the issue. We’ll keep sharing updates as soon as possible.”

Then the guidance got more urgent, and more specific. Trust Wallet warned users who hadn’t updated to 2.69: “please do not open the Browser Extension until you have updated. This may help to ensure the security of your wallet and prevent further issues.”

In a follow-up, it spelled out a step-by-step that boils down to: don’t open the extension, go to Chrome’s extensions page for Trust Wallet, toggle it off if it’s still on, enable Developer mode, hit “Update,” and confirm you’re on version 2.69 before doing anything else. It’s not glamorous, but it’s actionable, which is what matters when you’re in incident mode.

As the claims and counterclaims swirled, cybersecurity firm PeckShield put an early dollar figure on the damage. “The Trust Wallet exploit has drained >$6M worth of cryptos from victims,” PeckShield wrote, adding that while about “~$2.8M of the stolen funds remain in the hacker’s wallets (Bitcoin/EVM/Solana), the bulk – >$4M in cryptos – has been sent to CEXs,” with a breakdown of “~$3.3M to ChangeNOW, ~$340K to Fixed Float, & ~$447K to Kucoin.”

One more pressure point surfaced quickly: compensation. ZachXBT said, “I currently have many concerned victims contacting me via DM so can your team please clarify if you will be offering any compensation for Trust Wallet Browser Extension users.” Trust Wallet did not answer that directly in public. Instead, it replied that its customer support team was already in touch with impacted users regarding next steps and directed people to reach out via its support channel.

So what should users do now, in plain terms? If you are on extension version 2.68, Trust Wallet’s instruction is to stop using it as-is: disable it and upgrade to 2.69 before you open it again. If you think you were affected, the company is routing users to support, while independent investigator ZachXBT is asking for reports to help map theft flows.

UPDATE: Binance founder Changpeng Zhao confirmed via X that user will be compensated for the hack. “So far, $7m affected by this hack. Trust Wallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. The team is still investigating how hackers were able to submit a new version,” Zhao wrote today.

At press time, the total crypto market cap stood at $2.95 trillion.

Total crypto market cap sits below the 2021 high, 1-week chart | Source: TOTAL on TradingView.com

Domande pertinenti

QWhich specific version of the Trust Wallet extension was affected by the security incident?

AThe security incident affected Trust Wallet Browser Extension version 2.68 only.

QWhat is the primary action users of the affected extension version should take immediately?

AUsers on version 2.68 should disable the extension and upgrade to version 2.69 before opening it again.

QAccording to cybersecurity firm PeckShield, what was the estimated value of crypto drained in the exploit?

APeckShield reported that the exploit drained over $6 million worth of cryptocurrencies from victims.

QWho first publicly reported the potential issue with Trust Wallet on December 25th?

AOn-chain investigator ZachXBT first reported the issue via a Telegram warning.

QDid Trust Wallet or its parent company commit to compensating affected victims?

AYes, Binance founder Changpeng Zhao confirmed via X that Trust Wallet would cover the losses, stating that user funds are SAFU.

Letture associate

U.S.-Iran Ceasefire: How Much of a Bitcoin Rally Can a Truce Agreement Support?

Headline: "U.S.-Iran Truce: How Much Can a Ceasefire Agreement Propel Bitcoin's Rebound?" On June 15th, Bitcoin rebounded to around $67,255, marking its first return to the $67,000 level since falling below $60,000 earlier in June. Ethereum and Solana also saw significant gains. The immediate driver for this market-wide recovery in crypto and global risk assets was the signing of a U.S.-Iran ceasefire memorandum, with a formal ceremony scheduled for June 19th. The agreement, which includes reopening the Strait of Hormuz, caused oil prices to plunge roughly 5%, easing inflation expectations and boosting prospects for Federal Reserve rate cuts. This macroeconomic shift fueled a rally in U.S. equities, with the Dow Jones hitting a record high. SpaceX's spectacular post-IPO performance further energized market sentiment. However, on-chain and derivatives data from Glassnode suggest this move is more indicative of a technical rebound from deeply oversold conditions rather than a confirmed trend reversal. The crypto market is undergoing noticeable capital rotation. While Bitcoin ETFs recently saw their worst outflows on record, the bleeding has slowed significantly. Meanwhile, new altcoin ETFs for assets like XRP and Solana are attracting substantial inflows, causing Bitcoin's market dominance to drop to 58%. Despite the rebound, the Crypto Fear & Greed Index remains in "Extreme Fear" territory at 22. The price quickly retreated after touching the $67,000 resistance level, indicating selling pressure persists. Analysis shows short-term speculative supply has been heavily washed out, with holder structure shifting toward a more long-term profile. While panic is subsiding and some on-chain metrics point to accumulation at lower prices, the market currently lacks the strong, sustained institutional buying needed to establish a new bullish trend.

Foresight News8 min fa

U.S.-Iran Ceasefire: How Much of a Bitcoin Rally Can a Truce Agreement Support?

Foresight News8 min fa

Copper, the Gold of 2026

Copper: The New Gold for 2026? Market focus has shifted from AI chips to underlying infrastructure, with copper emerging as a key narrative. Its role is evolving beyond "Dr. Copper"—a traditional indicator of economic cycles—due to structural demand growth from AI data centers (requiring massive electrical infrastructure), grid expansion, EVs, and re-industrialization. Estimates suggest data centers alone could require 300,000 tons of copper by 2050. The core bullish thesis is not just demand but a severe supply constraint. New copper mines take ~17 years to develop, while ore grades are declining and new discoveries are scarce, potentially leading to a 30% supply deficit by 2035. This supply rigidity, coupled with strategic importance, is giving copper a "gold-like" scarcity narrative. Major macro investors, including Stanley Druckenmiller, are allocating to copper as a hedge against dollar weakness and for its exposure to energy transition and geopolitics. Traders like Pierre Andurand have projected prices could reach $40,000/ton. Capital inflows are visible in surging futures trading volumes. Copper mining stocks act as leveraged plays on copper prices. Companies like Freeport-McMoRan (FCX) and Southern Copper (SCCO), as well as Chinese miners like CMOC, have seen significant volatility, offering high upside but also steep drawdowns, reflecting operational and geopolitical risks. While copper remains cyclical and won't fully replicate gold's monetary role, its long-term fundamentals have shifted. Its new scarcity premium, driven by a tightening supply structure and expanding electrical demand, suggests its "goldification" is just beginning.

marsbit15 min fa

Copper, the Gold of 2026

marsbit15 min fa

On Its Second Trading Day, SpaceX Jumps Nearly 20%, Valuation Reaches $2.5 Trillion

SpaceX's stock surged nearly 20% on its second day of trading, propelling its valuation to $2.5 trillion and ranking it among the world's top six public companies. The monumental IPO, with a very low initial float, has ignited intense market activity. The rally, fueled by strong retail demand and a favorable macro backdrop, has also made founder Elon Musk the world's first trillionaire. Analysts highlight two key dates in July that could drive extreme volatility. On July 7th, the stock's inclusion in major indexes like the Nasdaq-100 will force massive passive fund buying, colliding with the historically low float as early shareholders remain locked up. Later in July, following the Q2 earnings call, an estimated 10-15% of shares held by early insiders (excluding Musk) will be unlocked, testing institutional demand. Behind the scenes, market observers speculate about a potential stock-for-stock "merger of equals" between SpaceX and Tesla. This could help Musk manage a looming $7 billion tax bill from expiring Tesla options and consolidate his empire under SpaceX's robust governance structure, which features super-voting shares and mandatory arbitration. The IPO's underwriter selection is seen as potentially securing support for such a future merger vote.

marsbit17 min fa

On Its Second Trading Day, SpaceX Jumps Nearly 20%, Valuation Reaches $2.5 Trillion

marsbit17 min fa

Hormuz Strait Reopening: Will the Fed Turn "Dovish" and the Market Reprice "Rate Cuts"?

The article outlines two key factors that may lead the U.S. Federal Reserve, under Chair Wash, to adopt a more dovish stance at the upcoming FOMC meeting. First, the anticipated reopening of the Strait of Hormuz is expected to ease oil and energy prices, thereby reducing upward inflationary pressures. This shift could lead the Fed to view energy prices as a neutral or even deflationary factor. Second, recent core CPI data showed significant cooling, with a monthly increase of only 0.21%, contrasting with the still-strong core PCE. This divergence supports a dovish interpretation. Market implications are significant. While the FOMC is expected to remove "easing bias" language and project unchanged rates for the year—moves already priced in—Chair Wash's potential for more dovish commentary presents an upside risk. Consequently, there is room for the market to further price out remaining hike expectations and increase expectations for rate cuts. The report notes that the 2-year Treasury yield, though down recently, remains well above February levels, indicating further potential downside as inflation risks fade.

marsbit20 min fa

Hormuz Strait Reopening: Will the Fed Turn "Dovish" and the Market Reprice "Rate Cuts"?

marsbit20 min fa

pump.fun's New Feature Brings 'Black Mirror' Into Reality

The article begins by recounting a dark fictional story from *Black Mirror* (Season 7, Episode 1 "Common People"), where a man is forced to perform humiliating tasks online to pay for his wife's life-sustaining medical subscription. It then draws a parallel to a new real-world feature on the crypto platform pump.fun called "Pump.fun Go," which allows users to post and complete paid bounty tasks. This feature gained mainstream attention, often negatively, through extreme examples. A prominent case involved a bounty of 40 SOL (~$2,600) offered to permanently tattoo "$bountywork" on one's forehead. An Indian man completed the task, stating the money "changed his life," and later earned significantly more from a related meme coin. Another bounty paid 200 SOL (~$14,000) for a "bounty.fun" forehead tattoo, with the participant simply stating, "We need the money." The article highlights how this system can amplify darkness, citing the dev behind $Bountywork who spent thousands on bounties for attention-grabbing stunts like eating bugs or drinking hot sauce for small sums. It compares this to past tragic live-streaming incidents where people harmed themselves for money, noting regulation cannot stop those in desperate need. However, it also points to positive, altruistic bounties that have emerged, such as organizing anti-work rallies in New York, performing random acts of kindness for strangers, organizing community food drives, or even helping an elderly person cross the street. The piece concludes by acknowledging the platform reflects both the dark and light sides of human nature when actions are given a price, hoping for more of the latter.

marsbit21 min fa

pump.fun's New Feature Brings 'Black Mirror' Into Reality

marsbit21 min fa

Trading

Spot
Futures
活动图片