Trust Wallet confirmed a browser extension breach incident, causing over $6 million in losses, prompting urgent updates and renewed user security warnings.
Trust Wallet has confirmed a security incident affecting a specific browser extension version. As a result, users lost their cryptos in unforeseen amounts. The problem became apparent after several wallets reported a sudden draining of funds. As a result, the incident immediately attracted the attention of the community. Moreover, blockchain investigators started to track the suspicious transactions across networks.
Trust Wallet Confirms Extension Vulnerability After User Alerts
The incident was made public when on-chain investigator ZachXBT posted an alert on Telegram. He warned that several Trust Wallet users started to lose money quickly. Importantly, though, the reports came at a time of a recent update to the Chrome extension. However, the exact technical cause was not clear at first. Still, there was evidence pointing down a version-specific hole.
The company confirmed that version 2.68 of the browser extension was affected. In contrast, mobile-only users were not affected. Other extension versions were also safe. Therefore, Trust Wallet asked users to disable version 2.68 immediately. Users were advised to upgrade to version 2.69 immediately.
Related Reading: Trust Wallet Security Hack: How to Safeguard Your Crypto Assets
ZachXBT estimated that more than $6 million was stolen by the attackers. According to his findings, hundreds of users were affected. Meanwhile, the hacker was said to have used flashloans to transfer stolen assets. From then on, over $4 million transferred to centralized exchanges.
Importantly, the vulnerability gave attackers direct access to the assets of users. As a result, unauthorized outflows occurred in affected wallets. The victims of the exploit were primarily browser extensions. In comparison, the Trust Wallet mobile application stayed secure throughout the incident.
Security Guidance Issued as Users Await Reimbursement Clarity
After the confirmation, Trust Wallet shared recommended security actions. First, users should update their extension software as soon as possible. This step assures access to the latest security patches. Second, users were encouraged to migrate assets. Moving money to the mobile app provides biometric authentication. Therefore, security risks can be reduced.
Additionally, users were advised to keep a good check on the wallet transactions. Regular checks to help pick up on unauthorized activity at an early stage. Consequently, prompt action can control potential losses. Trust Wallet said that its team is actively looking into it. Moreover, the company promised to share the updates as soon as possible.
This breach comes on top of an earlier breach of information at Trust Wallet in November 2022. At the time, there was a WebAssembly vulnerability that led to losses of almost $170,000. Trust Wallet later paid all affected users. However, the breach currently stands much larger. Therefore, the reimbursement expectations are still unclear.
As of December 2025, there is no official plan for compensation. Nevertheless, the users still wait for clear communication. The magnitude of losses has added pressure to the company. Furthermore, the incident underscores the persistent security risks in browser-based wallets.
Overall, the Trust Wallet breach demonstrates the importance of timely updates. It also represents increasing sophistication on the part of attackers. For this reason, users are reminded to be cautious. Regular updates, asset diversification, and ongoing monitoring remain crucial. The situation also reopens discussion of the issue of custodial risks. Therefore, the security standards across the industry could come under the spotlight again.
Source: https://www.livebitcoinnews.com/trust-wallet-browser-extension-breach-triggers-6m-user-losses/
