Malicious Trust Wallet Chrome Update Drains $7M+ — Users Urged to Upgrade to v2.69

Trust Wallet Chrome extension users lost more than $7 million after a malicious update to the browser add-on, the company and blockchain sleuths confirmed. What happened - On Dec. 25 onchain investigator ZachXBT flagged a wave of wallet drains on Telegram, noting the timing coincided with a Trust Wallet Chrome extension update pushed the day before. The Trust Wallet team later confirmed the incident. - The breach targeted version 2.68 of the Trust Wallet browser extension. Users who ran that version reported funds being siphoned from their addresses within hours of the update. Who’s involved - Trust Wallet is owned by Binance. Changpeng Zhao, Binance’s co-founder, said the stolen funds will be reimbursed. - The Trust Wallet team posted on X warning users not to open version 2.68 and advising everyone to upgrade immediately to extension version 2.69. They said mobile-only users and other extension versions were not affected. Why it matters - Browser extensions can hold the private keys or signing access that let attackers authorize transfers; once compromised, funds can be moved to attacker-controlled addresses. - The incident comes as crypto thefts surged this year — Chainalysis reports $6.75 billion stolen in 2025 and a jump in personal wallet compromises to 158,000 from 64,000 last year (though the share of total value taken by personal-wallet hacks fell to 20% from 44%). What users should do now - Check your Trust Wallet extension version and update to 2.69 (reinstall from the official source if needed). - If you used version 2.68, assume compromise: move remaining assets (if possible) to a fresh wallet created on a clean device or hardware wallet, and revoke any token approvals linked to the compromised address. - Always install extensions from official stores, verify release notes, and prefer hardware wallets for large holdings. This incident underscores the continued risk posed by compromised wallet software and the importance of cautious extension management and secure key custody. Read more AI-generated news on: undefined/news