Trust Wallet browser extension compromised, more than $6 million leaked
Author
Suja Sunderarajan
Author
Share
Multi-chain crypto wallet provider Trust Wallet confirmed a security breach on Thursday, with initial losses estimated at more than $6 million.
Blockchain security expert ZachXBT reported the incident after several Trust Wallet users experienced unauthorized cash flows. All victims have one thing in common – they installed the new Trust Wallet extension before the theft.
“We have identified a security issue affecting only Trust Wallet Browser version 2.68,” wrote CryptoWallet on X.
“Users with browser extension 2.68 should disable it and upgrade to 2.69.”
Following the initial report, ZachXBT reported that the number of victims grew by hundreds, with more than $6 million in SOL, BTC, and EVM tokens.
Additionally, Arkham's data showed that exploits used multiple recipient addresses to move funds across multiple wallets.
Wallet users have reported losing funds
Many Trust Wallet users reported that their funds were withdrawn from their wallet addresses within a short period of time over Christmas.
One user took to X after losing more than $300,000 after returning from Christmas. “Everything I build was stolen on Christmas Day.” The transactions took place within a 4-minute window, the user added.
Users have reported that several blockchains, including EVM-compatible networks, Bitcoin and Solana, have been victimized.
what happened
Trust Wallet released a new browser extension update on Wednesday, which users installed through the normal update process.
At first, the extension appeared to be legitimate, but hackers masked the code's address and extracted users' pedigrees and wallets.
“Reports indicate that importing Ancestry into an extension can cause instant wallet leaks,” wrote one user.
Browser extensions work with increased access to websites, cookies, storage and browsing activity. When abused, they provide a near-miss for identity theft — without triggering traditional endpoint defenses.
Recently, there have been several reports of wallet threats related to high-profile extensions. According to Hacker News, more than 40 fake wallet extensions have stolen users' keys and IPs this year.
TrustWallet stated that mobile-only users and other versions of the browser extension were not affected by the breach.
“We understand how this looks and our team is actively working on it. We will continue to share updates as soon as possible,” the team wrote on X.
Additionally, in a recent update, the wallet's customer support said it has contacted affected users.
Trending news, recommended popular crypto topics, price predictions
