thecryptobasic.com
Trust Wallet has confirmed a security breach affecting a specific version of its browser extension.
The disclosure follows warnings from an independent blockchain investigator, who estimates that attackers drained more than $6 million during the incident.
How the Incident Emerged
The issue first surfaced on Thursday when on-chain investigator ZachXBT alerted the crypto community via Telegram. According to his post, multiple Trust Wallet users reported unauthorized withdrawals from their wallet addresses within a short timeframe.
As similar accounts began to surface, concern spread rapidly across social media platforms. ZachXBT noted, however, that the technical root cause of the breach had not yet been determined at that stage.
Possible Link to a Recent Extension Update
While the investigation was still ongoing, ZachXBT highlighted a potentially significant pattern. Many of the reported losses appeared shortly after Trust Wallet released an update to its Chrome browser extension.
Based on early on-chain tracking, the investigator estimated that attackers siphoned more than $6 million. Moreover, the funds were taken from hundreds of wallet addresses, suggesting a coordinated exploit rather than isolated incidents.
Trust Wallet Identifies Affected Version
Later the same day, Trust Wallet issued a public statement on X acknowledging the issue. The company confirmed that the breach was limited to Browser Extension version 2.68.
To mitigate further risk, Trust Wallet urged users running that version to disable it immediately and upgrade to version 2.69 as soon as possible. Additionally, users who had not yet updated were advised not to open the extension until the upgrade was completed.
At the same time, the company also sought to reassure its broader user base, stating that mobile-only users were not affected and that no other browser extension versions were compromised.
Trust Wallet added that its security team is actively investigating the incident and will continue to provide updates as more information becomes available.
Binance Founder Confirms Compensation Plan
Shortly after, Binance founder and Trust Wallet owner Changpeng Zhao addressed the situation publicly. In a post on X, Zhao said total losses had reached approximately $7 million.
He also confirmed that Trust Wallet would fully compensate affected users and emphasized that customer funds remain protected, using the industry term “SAFU” to reinforce confidence.
So far, $7m affected by this hack. @TrustWallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. 🙏
The team is still investigating how hackers were able to submit a new version. https://t.co/xdPGwwDU8b
— CZ 🔶 BNB (@cz_binance) December 26, 2025
Part of a Broader Trend in Crypto Exploits
The Trust Wallet breach comes amid a broader increase in crypto-related attacks, including exploits and phishing campaigns across the industry.
Specifically, data from blockchain analytics firm Chainalysis indicates that crypto theft exceeded $3.41 billion between January and early December 2025, slightly surpassing the $3.38 billion recorded during the same period last year.