Trust Wallet Hacked: What Crypto Users Should Do Now

Trust Wallet says a “security incident” hit only one slice of its product stack: the Chrome browser extension on version 2.68. If you are a mobile-only user, the company says you’re not affected. If you are on any other extension version, the company says you’re not affected either. The problem, per Trust Wallet’s own wording, is tightly scoped, even if the fallout doesn’t feel that way when you’re staring at an emptied address.

The first public flare went up on Dec. 25 via on-chain investigator ZachXBT, who posted a Telegram warning that “a number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours.”

He stressed that “the exact root cause has not been determined,” then pointed out an uncomfortable coincidence: “the Trust Wallet Chrome extension pushed a new update yesterday.” In the same message, he asked victims to DM him on X so he could “update the list of theft addresses below as I verify more,” and he began publishing alleged theft destinations across multiple chains. His list included multiple EVM addresses and a Solana address.

NEW: @zachxbt SAYS “A NUMBER OF TRUST WALLET USERS HAVE REPORTED THAT FUNDS WERE DRAINED FROM WALLET ADDRESSES WITHIN THE PAST COUPLE OF HOURS”

SOURCE: https://t.co/4shDweZnJF pic.twitter.com/MkbQWZKGCc

— DEGEN NEWS (@DegenerateNews) December 25, 2025

Trust Wallet Confirms The Hack

The wallet firm later confirmed the incident on X. “We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69,” the company wrote, linking users to the official Chrome Web Store listing.

It added: “Please note: Mobile-only users and all other browser extension versions are not impacted.” The post closed with the kind of line every security team ends up typing sooner or later: “We understand how concerning this is and our team is actively working on the issue. We’ll keep sharing updates as soon as possible.”

Then the guidance got more urgent, and more specific. Trust Wallet warned users who hadn’t updated to 2.69: “please do not open the Browser Extension until you have updated. This may help to ensure the security of your wallet and prevent further issues.”

We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69.

Please refer to the official Chrome Webstore link here: https://t.co/V3vMq31TKb

Please note: Mobile-only users...

— Trust Wallet (@TrustWallet) December 25, 2025

In a follow-up, it spelled out a step-by-step that boils down to: don’t open the extension, go to Chrome’s extensions page for Trust Wallet, toggle it off if it’s still on, enable Developer mode, hit “Update,” and confirm you’re on version 2.69 before doing anything else. It’s not glamorous, but it’s actionable, which is what matters when you’re in incident mode.

As the claims and counterclaims swirled, cybersecurity firm PeckShield put an early dollar figure on the damage. “The Trust Wallet exploit has drained >$6M worth of cryptos from victims,” PeckShield wrote, adding that while about “~$2.8M of the stolen funds remain in the hacker’s wallets (Bitcoin/EVM/Solana), the bulk – >$4M in cryptos – has been sent to CEXs,” with a breakdown of “~$3.3M to ChangeNOW, ~$340K to Fixed Float, & ~$447K to Kucoin.”

One more pressure point surfaced quickly: compensation. ZachXBT said, “I currently have many concerned victims contacting me via DM so can your team please clarify if you will be offering any compensation for Trust Wallet Browser Extension users.” Trust Wallet did not answer that directly in public. Instead, it replied that its customer support team was already in touch with impacted users regarding next steps and directed people to reach out via its support channel.

So what should users do now, in plain terms? If you are on extension version 2.68, Trust Wallet’s instruction is to stop using it as-is: disable it and upgrade to 2.69 before you open it again. If you think you were affected, the company is routing users to support, while independent investigator ZachXBT is asking for reports to help map theft flows.

UPDATE: Binance founder Changpeng Zhao confirmed via X that user will be compensated for the hack. “So far, $7m affected by this hack. Trust Wallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. The team is still investigating how hackers were able to submit a new version,” Zhao wrote today.

At press time, the total crypto market cap stood at $2.95 trillion.