Trust Wallet Issues Urgent Update Following Security Breach

Trust Wallet issued an emergency alert on December 25, 2025, urging Chrome users to disable extension version 2.68 due to a hidden script stealing private keys and seed phrases.

The vulnerability led to losses of about $7 million, prompting Trust Wallet to initiate full refunds and issue a mandatory update, highlighting security challenges in browser-based crypto tools.

Trust Wallet has warned Chrome users to update their browser extensions following a breach affecting users’ private keys and seed phrases.

This significant breach impacts users financially and highlights security vulnerabilities within browser extensions.

Trust Wallet’s Immediate Response to Chrome Breach

On December 25, 2025, Trust Wallet identified a hidden JavaScript script on its Chrome extension version 2.68, leading to the compromise of users’ private keys. Trust Wallet rapidly issued an emergency update to version 2.69 to address the breach and safeguard user assets.

$7 Million Lost as Wallets Drained

The breach resulted in approximately $7 million in losses as private keys were stolen and used to drain wallets across multiple blockchain networks. Trust Wallet has committed to refunding all affected users, focusing on preventing further exploitive scams through official communication channels.

Lessons from Past Chrome Extension Attacks

This incident reflects previous malicious Chrome extensions that have targeted cryptocurrency wallets by impersonating trustworthy providers to gather sensitive data. Increased scrutiny on browser extension security may result in more stringent measures as companies aim to prevent such breaches in the future.