Trust Wallet Chrome Extension Compromised in Supply‑Chain Attack, Users Lose $7M

TL;DR

The Trust Wallet Chrome extension was compromised after an update to version 2.68 that introduced malicious code which exfiltrated users' seed phrases. Victims have lost a combined $7 million, and Binance founder Changpeng Zhao said the company will reimburse affected users.

What happened

Researchers and incident notices indicate the Trust Wallet browser extension for Chrome was subject to an apparent supply‑chain compromise tied to its 2.68 update. The injected malicious code reportedly captured wallet seed phrases from users of the non‑custodial extension; attackers then used those phrases to move funds out of affected accounts. The combined loss reported so far is about $7 million. Trust Wallet and third‑party security observers published tweet threads documenting the incident, and Binance founder Changpeng Zhao — referenced in the reporting as no longer holding managerial responsibilities after separate criminal charges involving him and the company — said Binance would reimburse users who lost funds. The source does not provide details on who introduced the malicious code, how many individual users were affected, or the technical remediation steps taken to secure the extension.

Why it matters

• A compromised browser extension can expose seed phrases, undermining the security of non‑custodial wallets.
• Supply‑chain attacks on widely used software components can lead to rapid, large financial losses across many users.
• Reimbursement promises from large crypto firms affect user confidence but may not address long‑term security or accountability.
• The incident highlights the risk of relying on browser extensions for key management in crypto workflows.

Key facts

• Target: Trust Wallet Chrome browser extension (non‑custodial wallet).
• Trigger: Update to version 2.68 introduced malicious code, per reporting.
• Method: Malicious code reportedly exfiltrated wallet seed phrases enabling attackers to drain funds.
• Losses: Victims have lost a combined total of $7 million.
• Public posts: Trust Wallet and security firm SlowMist published tweet threads about the incident (archives cited).
• Response: Binance founder Changpeng Zhao announced Binance would reimburse affected users.
• Organizational detail: Reporting notes Zhao is said to have no managerial role at Binance after he and the company were criminally charged in the US.

What to watch next

• Whether Binance follows through on reimbursements and the mechanism and timeline for payouts (not confirmed in the source).
• If Trust Wallet or browser vendors release a security patch, remove the compromised extension, or publish a technical postmortem (not confirmed in the source).
• Attribution: investigations identifying who inserted the malicious code or how the supply‑chain compromise occurred (not confirmed in the source).

Quick glossary

• Supply‑chain attack: An attack that targets software distribution or update mechanisms to deliver malicious code to users through trusted channels.
• Non‑custodial wallet: A crypto wallet where the user controls the private keys or seed phrase, rather than a third party holding them.
• Seed phrase: A human‑readable list of words that encodes a wallet's private keys; anyone with the seed phrase can fully control the wallet's funds.
• Browser extension: A small software module that adds features to a web browser; extensions can have access to sensitive browser data depending on their permissions.

Reader FAQ

How much money was stolen in the Trust Wallet extension compromise?
$7 million combined, according to the reporting.

How did attackers take funds from users?
The report says malicious code in the 2.68 update exfiltrated seed phrases, which attackers used to drain wallets.

Will Binance reimburse affected users?
Binance founder Changpeng Zhao announced that Binance would reimburse users who lost funds.

Who was behind the attack and have arrests been made?
Not confirmed in the source.

Has the compromised extension been removed or patched?
Not confirmed in the source.

December 25, 2025 Binance's Trust Wallet extension hacked; users lose $7 million (attribution) The Trust Wallet Chrome extension was compromised in an apparent supply chain attack. People who used the non-custodial…

Sources

• Binance's Trust Wallet extension hacked; users lose $7M
• Trust Wallet Chrome Extension Breach Caused $7 Million …
• Trust Wallet Hack: $7M Compromised, Investigation Initiated
• Trust Wallet Confirms $7M Stolen in Browser Extension Hack

Related posts

• I switched to eSIM in 2025, and I am full of regret — SIM swap problems
• FBI Response to Fraud Allegations in Minnesota: Coverage and Context
• Worst Cyberattacks of 2025: University Breaches, Extortion and State Hacks