ZachXBT flags suspected Trust Wallet extension issue as users report drained funds

ambcryptoPublicado em 2025-12-25Última atualização em 2025-12-25

Resumo

Security concerns emerged around the Trust Wallet browser extension on December 25, after blockchain investigator ZachXBT flagged suspicious activity potentially linked to a recent update. Reports suggest a supply-chain compromise may have been introduced in a December 24 update, where newly added code could silently exfiltrate sensitive wallet data—particularly during seed phrase imports—leading to immediate fund draining. Multiple users reported losses, with unverified estimates exceeding $2 million. The malicious code allegedly sent data to a recently registered external domain mimicking Trust Wallet infrastructure. The issue appears limited to the browser extension, with no evidence of mobile app compromise. Trust Wallet has not yet issued an official response or advisory. Researchers emphasize the situation remains under investigation, warning users to avoid importing seed phrases into the extension until clarified. If confirmed, this would represent a significant supply-chain attack.

Security concerns have emerged around the Trust Wallet browser extension on 25 December, after blockchain investigator ZachXBT flagged suspicious activity potentially linked to a recent update, prompting warnings from developers and security-focused accounts.

According to posts circulating on X, the issue may stem from a suspected supply-chain compromise introduced in a 24 December browser extension update.

Newly added code within the extension could silently exfiltrate sensitive wallet data when users import a seed phrase. The claims suggest that this has led to immediate wallet draining.

Alleged Trust Wallet malicious code and data exfiltration claims

Developers examining the extension allege that a JavaScript file added in the update contains logic disguised as analytics.

The code is said to activate specifically when a seed phrase is imported. It then silently transmits wallet-related data to an external domain designed to resemble official Trust Wallet infrastructure.

The domain referenced in the reports was reportedly registered only days ago and has since gone offline.

Researchers argue that its recent creation and the timing of the extension update raise concerns about a coordinated supply-chain attack rather than user-side phishing.

Users report wallet drains following seed imports

Multiple users have reported wallets being drained shortly after importing seed phrases into the Trust Wallet browser extension.

Publicly shared estimates suggest that more than $2 million may have been lost. Although these figures have not been independently verified.

Analysts indicate that funds were routed through multiple addresses, a pattern more commonly associated with automated exploitation than isolated user error.

Scope appears limited to browser extension

At this stage, there is no indication that Trust Wallet’s mobile applications are affected.

The warnings circulating online are focused specifically on the browser extension. This is where update mechanisms and third-party dependencies present higher supply-chain risk.

Users are advised not to import seed phrases into the Trust Wallet browser extension until further clarification is provided.

No official response from Trust Wallet yet

As of the time of writing, Trust Wallet has not issued any public response, clarification, or security advisory addressing the allegations.

There has been no confirmation or denial of the claims, nor any announcement of an extension, rollback, or emergency patch.

Investigation ongoing

Researchers have emphasized that the situation remains under active investigation. Conclusions should not be drawn until the extension code and related on-chain activity have been fully reviewed.

If confirmed, the incident would represent a serious supply-chain compromise.

This is a class of attack that differs significantly from phishing or user-side mistakes. Also, it has historically resulted in rapid, large-scale losses across the crypto ecosystem.

Final Thoughts

  • The allegations point to a potentially serious supply-chain risk affecting wallet extensions, underscoring how code updates can become a critical attack vector if compromised.
  • With no response yet from Trust Wallet, users and researchers are left relying on independent investigation as scrutiny around the incident continues.

Perguntas relacionadas

QWhat security concern was flagged by ZachXBT regarding the Trust Wallet browser extension?

AZachXBT flagged suspicious activity potentially linked to a recent update of the Trust Wallet browser extension, suggesting it could be a supply-chain compromise that leads to the silent exfiltration of sensitive wallet data and immediate draining of funds.

QHow does the suspected malicious code in the Trust Wallet extension allegedly operate?

AThe malicious JavaScript code, added in an update and disguised as analytics, is said to activate when a user imports a seed phrase. It then silently transmits wallet-related data to an external domain designed to look like official Trust Wallet infrastructure.

QWhat is the estimated financial impact based on user reports, and how were the funds moved?

APublicly shared estimates suggest that more than $2 million may have been lost, though this is unverified. Analysts indicate the funds were routed through multiple addresses, a pattern associated with automated exploitation rather than isolated user error.

QAre Trust Wallet's mobile applications also affected by this suspected compromise?

ANo, there is no indication that Trust Wallet’s mobile applications are affected. The warnings are specifically focused on the browser extension, which has higher supply-chain risk due to its update mechanisms and third-party dependencies.

QWhat is the current status of Trust Wallet's official response to these allegations?

AAs of the time the article was written, Trust Wallet had not issued any public response, clarification, or security advisory addressing the allegations. There has been no confirmation, denial, or announcement of an emergency patch.

Leituras Relacionadas

Cardano Founder Warns XRP Investors, Is Ripple Doing Something Wrong?

Cardano founder Charles Hoskinson has warned XRP investors, claiming Ripple is dumping its XRP holdings to fund business acquisitions without benefiting token holders. He alleges Ripple controls 80% of the supply and uses sales to build Web 2.5 companies, with no buybacks or value distribution to XRP investors. Hoskinson also notes the lack of staking or DeFi mechanisms on XRPL reduces organic demand. Despite Ripple CEO Brad Garlinghouse calling XRP central to their vision, Hoskinson compares Ripple to Tether in accruing value solely for itself. XRP price fell nearly 2% to around $1.40.

bitcoinistHá 2m

Cardano Founder Warns XRP Investors, Is Ripple Doing Something Wrong?

bitcoinistHá 2m

Strategy Surpasses 800K BTC as $2.5B Bitcoin Buying Spree Continues

MicroStrategy, the world's largest public Bitcoin holder, has increased its total holdings to over 815,000 BTC after purchasing an additional 34,164 BTC for approximately $2.54 billion. This acquisition, executed at an average price of $74,395 per bitcoin, is the company's third-largest purchase by coin count. The buying spree, which occurred between April 13 and 19, was primarily funded through the sale of the company's STRC perpetual preferred security. The firm's average purchase price for its entire holdings now stands at $75,527 per bitcoin.

TheNewsCryptoHá 35m

Strategy Surpasses 800K BTC as $2.5B Bitcoin Buying Spree Continues

TheNewsCryptoHá 35m

Shiba Inu Crosses 20,000 Burn Transactions Milestone, Dogecoin Eyes X Money, But Why Are Prices Down?

Shiba Inu has surpassed 20,000 burn transactions, aiming to reduce its large token supply, while Dogecoin gains attention due to speculation about its potential integration into X's payment system, referred to as X Money. Despite these developments, both cryptocurrencies are experiencing downward price trends. Shiba Inu trades around $0.000006, showing short-term declines and limited demand, indicating that burn efforts alone aren't enough to boost prices in a weak market. Similarly, Dogecoin remains around $0.09, far from bullish projections, as market sentiment remains cautious without concrete implementation details. Ecosystem progress is overshadowed by a lack of strong capital inflows and broader crypto market uncertainty.

bitcoinistHá 1h

Shiba Inu Crosses 20,000 Burn Transactions Milestone, Dogecoin Eyes X Money, But Why Are Prices Down?

bitcoinistHá 1h

First Batch of Keynote Speakers and Partners Announced! Web2+3 Summit: Defining the Next Generation of Digital Economy

Web2+3 Summit: Defining the Next Generation of Digital Economy The 6th BEYOND International Technology Innovation Expo (BEYOND Expo 2026), Asia's largest tech and ecosystem exhibition, is launching a dedicated Web2+3 stage for the first time. Co-hosted by BEYOND Expo and ChainNeXT Group, the Web3 Summit will take place from May 28–30, 2026. Against the backdrop of accelerating global tech integration, the boundaries between Web2 and Web3 are rapidly blurring. With clearer global regulations for blockchain-driven internet (Web3) and the special issuance of a Hong Kong dollar stable币 license by the Hong Kong SAR government on April 10, 2026, Web3's decentralized principles are quickly merging with traditional industries (Web2) such as e-commerce, finance, and artificial intelligence. Focused on blockchain-driven digital economy elements, the summit will center on three core principles—implementability, commercial viability, and compliance. It will bring together top Web3 experts to discuss key integration areas like stablecoin payment finance (PayFi), real-world asset tokenization (RWA), and decentralized AI (DeAI), unveiling new opportunities for industrial innovation. The first wave of confirmed speakers includes Jack Kong (Director of Hong Kong Cyberport, Chairman of Nano Labs), Yat Siu (Chairman of Animoca Brands), Michael Wu (Co-founder & CEO of Amber Group), Michael Heinrich (Co-founder & CEO of 0G), and Art Abal (Co-founder of Vana). More Web3 ecosystem pioneers, AI, and fintech experts will be announced soon. Core forum topics include: - Web2+DeAI: New AI Paradigms Driven by Decentralized Infrastructure - Web2+RWA: Real-World Asset Tokenization and Global Liquidity - Web2+PayFi: Cross-Border Payments and Financial Innovation Powered by Crypto Infrastructure - Web2+3 AI: Autonomous Agents and the Crypto Economy - Web2+3 Wealth: On-Chain and Off-Chain Integrated Investment Ecosystems - Web2+3 Commerce: A New Landscape for Global Trade Driven by Stablecoins Additional agenda details will be released in the near future.

marsbitHá 2h

First Batch of Keynote Speakers and Partners Announced! Web2+3 Summit: Defining the Next Generation of Digital Economy

marsbitHá 2h

Crypto Whale Wallets Accumulate Ozak AI Aggressively as Presale Funding Surpasses $6.8 Million

Crypto whales are aggressively accumulating Ozak AI tokens as the project's presale funding exceeds $6.8 million, signaling strong institutional interest. Analysts view this as strategic, long-term positioning rather than speculative trading, especially as large-cap assets like Bitcoin and Ethereum face growth compression. Ozak AI's presale has sold over 1.05 billion $OZ tokens at $0.014 each, attracting sustained demand from both whales and sophisticated retail investors. The project's AI-native utility, including Prediction Agents and EigenLayer integration, along with associations with Pyth Network and other firms, adds credibility. Market pullbacks are accelerating accumulation, with whales rotating into early-stage AI assets. A projected $1 listing target suggests significant upside potential post-listing.

TheNewsCryptoHá 2h

Crypto Whale Wallets Accumulate Ozak AI Aggressively as Presale Funding Surpasses $6.8 Million

TheNewsCryptoHá 2h

Trading

Spot
Futuros
活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow