ExchangeDEX+

Buy Crypto Markets Spot FuturesGOLD Earn Event Center

Trust Wallet has confirmed a hack that led to millions of dollars in user funds being drained.What initially appeared as scattered wallet losses quickly hardenedTrust Wallet has confirmed a hack that led to millions of dollars in user funds being drained.What initially appeared as scattered wallet losses quickly hardened

Trust Wallet just got hacked on Christmas, $7M drained

Author: Coinstats

Source: Coinstats

2025/12/26 20:07

4 min read

Trust Wallet has confirmed a hack that led to millions of dollars in user funds being drained.

What initially appeared as scattered wallet losses quickly hardened into something far more serious: a confirmed supply-chain compromise of Trust Wallet’s official Chrome browser extension.

The Christmas Trust Wallet hack

The incident traces back to December 24, 2025, when Trust Wallet released version 2.68.0 of its Chrome browser extension.

The first major public alarm came from on-chain investigator ZachXBT, who linked the wallet drains directly to the v2.68 update while funds were still in motion. His warnings helped frame the incident as an extension compromise rather than a user-level mistake.

In many cases, wallets were emptied within minutes of importing a seed phrase or accessing an existing wallet through the extension.

By December 26, the picture was clearer, and Trust Wallet publicly confirmed that only the browser extension version 2.68 was affected.

Trust Wallet

@TrustWallet

·Follow

We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69. Please refer to the official Chrome Webstore link here: chrome.google.com/webstore/detai… Please note: Mobile-only users

1:21 am · 26 Dec 2025

2 Reply Copy link

What really went wrong

Researchers and on-chain investigators described the exploit as a straight supply-chain attack, not phishing and not user error.

According to multiple analyses shared publicly, the compromised extension contained a malicious JavaScript payload embedded in what appeared to be routine analytics code.

The script, often referenced as a file similar to “4482.js,” allegedly masqueraded as a PostHog-style integration. Its function was simple and devastating.

When users entered or accessed their recovery phrase, the data was silently exfiltrated to attacker-controlled infrastructure using domains that closely resembled legitimate Trust Wallet metrics endpoints.

Once attackers had the seed phrase, no further interaction was needed. There were no approvals to trick and no transactions to sign.

The wallet could be restored elsewhere and drained across every supported blockchain.

That is exactly what investigators observed, with rapid multi-chain sweeps affecting Bitcoin, EVM networks, Solana, and BNB Chain.

Money trailed to instant exchange services and CEXs

While some reports pointed to roughly $2.8 million in confirmed drains, others tracked more than $4 million passing through identified services. Trust Wallet has, however, confirmed that the total impact stood at approximately $7 million.

Binance founder CZ, whose company acquired Trust Wallet in 2018, also stated that losses were around $7 million and confirmed that users would be made whole.

CZ also highlighted the most uncomfortable issue raised by the incident: how a malicious build was able to reach the Chrome Web Store under an official wallet brand.

On-chain analysis reveals that the stolen funds are being transferred quickly, with a significant portion routed through instant exchange services and centralised platforms.

Public trackers cited flows into services such as ChangeNOW and FixedFloat, as well as exchanges including KuCoin and HTX.

Lookonchain

@lookonchain

·Follow

Trust Wallet(@TrustWallet) has been exploited, with hundreds of users affected and over $6.77M stolen so far. The hacker has already sent ~$4.25M to ChangeNOW, FixedFloat, KuCoin, and HTX. CZ(@cz_binance) has stated that Trust Wallet will fully cover the losses. Check hacker

9:02 am · 26 Dec 2025

616 Reply Copy link

Read 93 replies

As investigations continue, Trust Wallet has warned users to ignore any messages that did not come from official Trust Wallet channels.

The post Trust Wallet just got hacked on Christmas, $7M drained appeared first on Invezz

Market Opportunity

Intuition Price(TRUST)

$0.07474

$0.07474$0.07474

+2.29%

USD

Intuition (TRUST) Live Price Chart

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

Tags:

#On-chain #CEX