Trust Wallet Browser Extension v2.68 Breach: $7M in Losses Across BTC, Solana, and EVM

Source: CryptoTale Original Title: Trust Wallet Browser Extension Compromised, $7 Million Lost Original Link: https://cryptotale.org/trust-wallet-browser-extension-compromised-7-million-lost/

Overview

Trust Wallet confirmed a critical security breach tied to its browser extension, leading to widespread unauthorized crypto outflows. The incident affected users who installed version 2.68 shortly before Christmas. Hackers exploited the update, extracted seed phrases, and drained approximately $7 million across Bitcoin, Solana, and EVM networks.

Mobile-only users and other extension versions were not affected. However, the timing, scale, and speed of losses intensified concern across the self-custody community.

Extension Update Linked to Fast Wallet Drains

Trust Wallet released a browser extension update on December 24 through standard browser distribution channels. Soon after, users reported missing funds, with transactions occurring within minutes of wallet access. Several victims stated drains followed immediately after importing seed phrases into the extension.

On-chain investigator ZachXBT issued an alert after receiving multiple independent user reports, stating that hundreds of wallets were affected with initial losses exceeding $6 million. Subsequent tracking showed funds moving through multiple receiving addresses.

Affected blockchains included Bitcoin, Solana, and several EVM-compatible networks. This multi-chain impact suggested a wallet-level compromise rather than a single protocol exploit.

Code Analysis Raises Supply-Chain Concerns

Following the alerts, independent researchers examined the extension’s updated codebase. A JavaScript file, identified as 4482.js, contained newly added logic that researchers alleged was activated during seed phrase imports.

The code appeared to transmit data to a domain labeled metrics-trustwallet[.]com. Community researchers observed that the domain was registered only days earlier, then went offline. However, these findings came from third-party analysis, not an official audit.

Trust Wallet acknowledged a “security incident” affecting browser extension version 2.68 only. The company advised users to disable the extension immediately and upgrade to version 2.69. Trust Wallet stated that the update fixed the issue and urged users to download only from official stores.

User Impact and Response

Several users publicly detailed losses during the Christmas holiday. One user reported losing over $300,000 within a four-minute window. Others claimed losses ranging from thousands to hundreds of thousands of dollars.

Trust Wallet’s support team contacted affected users regarding next steps. Additionally, the company’s founder confirmed that verified losses would be covered. “So far, $7m affected by this hack,” with assurances that user funds remain secure.

The company did not name the attacker and said the incident was caused by an issue involving a third party. Investigations are still ongoing as researchers track the remaining funds and impacted wallets.

Broader Context

The incident occurred during a wider increase in crypto thefts throughout 2025. According to recent estimates, crypto theft exceeded $3.41 billion year-to-date. The Trust Wallet breach added to growing concerns around browser-based wallet security.

Users were urged to avoid importing seed phrases into browser extensions and to enable additional security measures on their accounts.