Trust Wallet Browser Extension Hacked: Millions in Crypto Stolen After Malicious Update

Posted in category: Crypto Services
  • Admin, 6 days ago

    Trust Wallet, one of the most popular non-custodial cryptocurrency wallets, has suffered a major security breach involving its browser extension. Following a malicious update, attackers were able to steal millions of dollars in digital assets from users’ wallets, raising serious concerns about browser-based crypto wallet security.

    The incident occurred after the release of Trust Wallet Browser Extension version 2.68 on December 24, 2025. Shortly after installing the update, users began reporting unauthorized transactions and sudden loss of funds. On-chain investigators confirmed that attackers exploited a vulnerability that allowed them to access users’ seed phrases, giving full control over affected wallets.

    According to blockchain analytics data, hundreds of Trust Wallet users were impacted by the breach. Early estimates indicate that more than $6 million worth of cryptocurrency was stolen across multiple blockchains, including Ethereum, Bitcoin, Solana, and other EVM-compatible networks. Some security researchers believe total losses could exceed $7 million as more affected wallets are identified.

    Several victims reported that their wallets were drained within minutes of importing their recovery phrase into the compromised browser extension. Blockchain investigator ZachXBT noted that the stolen funds were quickly transferred across multiple addresses and chains, suggesting an automated exploit rather than individual phishing attacks. In just 26 transactions, attackers reportedly stole over $10.6 million, with the largest single loss amounting to 666 ETH, worth approximately $2 million at the time.

    Further investigation revealed that the compromised update contained a malicious JavaScript component disguised as legitimate code. This component silently extracted wallet seed phrases and transmitted them to the attacker. Once the seed phrase was compromised, attackers were able to move funds instantly without user authorization.

    Trust Wallet officially confirmed the breach and urged users to immediately disable the affected browser extension. The company released an updated version, 2.69, and advised users to upgrade only through the official Chrome Web Store. Trust Wallet also clarified that the vulnerability only affected browser extension version 2.68 and that users of the mobile app were not impacted.

    In a public response, Trust Wallet warned users not to enter their seed phrases into browser extensions until the issue is fully resolved. Binance founder Changpeng Zhao also addressed the situation, stating that Trust Wallet would compensate users who lost funds as a result of the attack and assuring the community that affected users would be reimbursed.

    The Trust Wallet hack highlights growing security risks associated with browser-based crypto wallet extensions. Because browser extensions operate with elevated permissions and access to sensitive data such as private keys and local storage, they have become a prime target for attackers. Security experts also point to the increasing number of supply-chain attacks, where legitimate software updates are altered to include malicious code, as a major threat to the crypto industry.

    Users who rely on Trust Wallet or similar browser wallets are advised to take immediate security measures. These include disabling the compromised extension, upgrading only through official sources, avoiding entering seed phrases into browser extensions, and considering mobile wallets or hardware wallets for long-term asset storage. Monitoring wallet activity and contacting official support channels are strongly recommended if suspicious transactions are detected.
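
    To act on the first of these measures across several browser profiles or machines, the installed version can be read from disk. The script below is an added example, not code from Trust Wallet or from this article: it walks a Chrome-style `Extensions` folder (passed as the first argument) and reports any copy at version 2.68. It assumes the extension's display name contains "Trust Wallet" and that each installed copy keeps its `manifest.json` in a per-version subfolder; the sample tree it builds when run without arguments is constructed.

```python
import json
import sys
import tempfile
from pathlib import Path

AFFECTED = "2.68"           # affected release named in the article
NAME_HINT = "trust wallet"  # assumption: the extension's display name contains this

def load_json(path):
    """Parse a JSON file; return {} if it is missing, malformed or not an object."""
    try:
        data = json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return {}
    return data if isinstance(data, dict) else {}

def display_name(ext_dir, manifest):
    """Resolve the manifest name, following a __MSG_key__ placeholder into _locales."""
    name = str(manifest.get("name", ""))
    if name.startswith("__MSG_") and name.endswith("__"):
        locale_dir = ext_dir / "_locales" / str(manifest.get("default_locale", "en"))
        for key, entry in load_json(locale_dir / "messages.json").items():
            if key.lower() == name[6:-2].lower() and isinstance(entry, dict):
                return str(entry.get("message", name))
    return name

def find_affected(extensions_root):
    """List (name, version, dir) for copies at AFFECTED under <id>/<version dir>/."""
    hits = []
    for mpath in sorted(Path(extensions_root).glob("*/*/manifest.json")):
        manifest = load_json(mpath)
        version = str(manifest.get("version", ""))
        name = display_name(mpath.parent, manifest)
        # Trailing dot makes "2.68" and "2.68.1" match while "2.680" does not.
        if NAME_HINT in name.lower() and (version + ".").startswith(AFFECTED + "."):
            hits.append((name, version, str(mpath.parent)))
    return hits

def build_sample(root):
    """Constructed sample tree: one copy at 2.68, one at 2.69 (made-up ids)."""
    for ext_id, ver in (("sample-id-a", "2.68"), ("sample-id-b", "2.69")):
        d = Path(root) / ext_id / (ver + "_0")
        (d / "_locales" / "en").mkdir(parents=True)
        manifest = {"name": "__MSG_appName__", "version": ver, "default_locale": "en"}
        (d / "manifest.json").write_text(json.dumps(manifest))
        (d / "_locales/en/messages.json").write_text('{"appName": {"message": "Trust Wallet"}}')
    return root

if __name__ == "__main__":
    print(find_affected(sys.argv[1] if sys.argv[1:] else build_sample(tempfile.mkdtemp())))
```

    A hit means that profile still has the 2.68 package on disk. The name match is only a heuristic, so confirm the result against the browser's own extensions page.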

    In summary, the Trust Wallet browser extension hack resulted in millions of dollars in stolen cryptocurrency following a malicious update released in late December 2025. With losses estimated between $6 million and over $7 million, the incident serves as a critical reminder of the risks associated with browser-based crypto wallets and the importance of strong operational security practices when managing digital assets.
