Trust Wallet hack: $7M stolen and promised refunds

Trust Wallet hack: how millions were stolen and what is known now
Author profile photo
December 26, 2025
~4 min read

A hack of the Trust Wallet browser extension for Chrome occurred. Only version 2.68 turned out to be vulnerable. Users were losing money, withdrawals were happening automatically and extremely fast, without their involvement. Trust Wallet acknowledged the incident, confirmed that the issue affects this version only, and promised to compensate users for their losses.

Amid such events, many users need to react quickly. Quickex helps to quickly and profitably exchange cryptocurrency when you need to act without delays.

Who raised the alarm first

Initial complaints came from users who started noticing strange withdrawals. The scale of the issue was publicly highlighted by analyst ZachXBT. He linked the suspicious activity spike to Trust Wallet version 2.68 and revealed addresses where stolen funds were flowing. Additional public attention came from personal victim stories, including the case of a crypto community member known as @yunaintern, who reported losing around $300 000 in just a few minutes.

How the attack developed

The attack scenario currently looks like this.

  1. On December 24, an update of the Trust Wallet Chrome extension was released with version 2.68.
  2. Users installed the update and continued using the wallet.
  3. A malicious code fragment ended up inside the update.
  4. Those who imported a seed phrase or connected their wallet through this version were at highest risk.
  5. Under certain user actions, the malicious code activated and started transmitting data to a third-party domain.
  6. Hackers gained access to wallets.
  7. Funds were withdrawn automatically and very quickly, sometimes within minutes.
  8. The attack affected several networks, including Bitcoin, Ethereum and Solana.
  9. Funds accumulated on collector wallets, while part of the money went through ChangeNOW, FixedFloat, KuCoin and HTX.
  10. Users began massively reporting losses.
  11. Analysts linked the spike in withdrawals specifically to version 2.68.
  12. Trust Wallet acknowledged the incident and required users to update to version 2.69.
  13. The company confirmed approximately $7M in damages and announced reimbursements.

What is happening with the stolen funds

Blockchain analysts continue monitoring the movement of stolen assets. According to Arkham Intelligence, over $1,7M has been accumulated across wallets associated with the attack. One of the key wallets holds around 221 ETH worth approximately $658 000 and about 7,2 BTC worth around $643 000, along with DIGAU, BNB, PYUSD, USDT, USDC and USEU totaling tens of thousands of dollars. Balances started rising rapidly between December 24 and 26, which matches the attack timeline. New inflows were recorded even after public warnings appeared, as not all users managed to disable the vulnerable version in time.

Many users in situations like this prefer to quickly rebalance funds. Quickex helps to exchange cryptocurrency to fiat safely and without unnecessary hassle.

Trust Wallet’s official position

The company stated the following:

  • only browser extension version 2.68 was vulnerable;
  • mobile applications were not affected;
  • total losses are estimated at around $7M;
  • all affected users will be compensated;
  • detailed refund instructions are being prepared.

Users are also warned not to trust “fake support” messages and to rely only on official channels.

What users should do now

If a user has launched version 2.68, Trust Wallet recommends:

  1. Do not open the vulnerable extension version.
  2. Open chrome://extensions/?id=egjidjbpglichdcondbcbdnbeeppgdph.
  3. Disable the extension if it is still active.
  4. Enable Developer Mode.
  5. Click Update.
  6. Make sure version 2.69 is installed.

It is also worth checking transaction history, revoking unnecessary dApp permissions and contacting support if needed.

What this means for the market

The Trust Wallet incident showed how dangerous software supply-chain attacks have become. The problem did not come from a fake website or phishing clone — it appeared inside an official update. Browser wallets work with keys and transactions and directly affect user funds, which means even one vulnerable version can lead to multimillion losses. Developers will now have to treat update procedures and internal security even more strictly, while users need to be more cautious and avoid keeping all funds in a single tool.

FAQ

Who was affected by the Trust Wallet hack

Users of the Trust Wallet Chrome browser extension who used version 2.68.

What damage has been officially confirmed

Trust Wallet reports approximately $7M in losses.

Will users receive compensation

Yes, the company confirms that affected users will receive refunds.

Were mobile versions of Trust Wallet affected

The company states that mobile applications were not affected.

What should I do if I used version 2.68

Disable the extension, update to 2.69, check your transaction history and contact support if necessary.

Where can I easily monitor crypto prices and exchange quickly

Quickex allows you to conveniently track cryptocurrency prices and perform fast exchanges when you need to act without delays.

Crypto News
0.0
(0 ratings)
Click on a star to rate it

You send:

You send:

Network

Floating

You receive:

You receive:

Network

Exchange