Binance Covers $7M Trust Wallet Hack as Malware Strains Crypto Security Trust

Generated by AI AgentMira SolanoReviewed byAInvest News Editorial Team
Friday, Dec 26, 2025 9:15 pm ET2min read
Aime RobotAime Summary

- Trust Wallet's Chrome extension version 2.68 was hacked, stealing $7M from users via malicious code in an update.

- Binance co-founder Zhao pledged full reimbursement, emphasizing the breach was limited to the compromised extension.

- Attackers exploited a supply-chain vulnerability to steal seed phrases, with stolen funds tracked to exchanges.

- The incident highlights browser extensions as critical attack vectors, prompting calls for stronger crypto security standards.

- Users are advised to use hardware wallets and verify updates, as the breach exposed vulnerabilities in software custody models.

Trust Wallet Security Breach: $7 Million Stolen from Users

Trust Wallet, a widely used cryptocurrency wallet, is grappling with a security breach that has drained over $7 million from users' accounts. The incident was first flagged by onchain investigator ZachXBT on December 25, with reports emerging that the Chrome extension version 2.68 was

compromised
. Trust Wallet users who had installed the update found their funds disappearing, as attackers gained access to sensitive wallet data. The wallet team
confirmed the breach
and urged users to avoid the affected extension version and upgrade to 2.69.

Changpeng Zhao, co-founder of Binance and Trust Wallet, has reassured affected users that they will be fully reimbursed for the losses. He emphasized that the issue was

isolated to the compromised extension
and that the core systems and mobile app remain secure. The breach highlights growing concerns about the security of software supply chains in the cryptocurrency industry, with browser extensions emerging as a prime attack vector.

The malicious code, embedded in the update for version 2.68, allowed attackers to steal seed phrases and drain wallets. Users who had imported their recovery phrases into the extension

unwittingly handed over access
to their funds. The stolen assets were tracked moving to exchanges by investigators, with individual losses ranging from tens of thousands of dollars up to millions. Trust Wallet has released version 2.69 to address the issue, and users are advised to disable the compromised version immediately.

Why the Breach Occurred

The attack appears to have been a supply-chain exploit, where malicious code was injected into an official update. Unlike typical phishing attacks, users did not click on suspicious links or approve unauthorized transactions; the breach occurred silently in the background. The compromised extension was reported to have

transmitted sensitive wallet data
to a domain controlled by the attacker. Researchers from SlowMist suggested that the attacker began preparations as early as December 8 and successfully implanted the backdoor by December 22. This timeline indicates a premeditated attack, raising questions about internal security protocols and potential insider involvement.

Reactions and Next Steps for Users

Binance and Trust Wallet have taken swift action, with Zhao confirming that the company will cover all losses using its Secure Asset Fund for Users (SAFU). This reassurance has helped to mitigate immediate panic among users, though it also highlights a paradox: while self-custody is often promoted as a way to avoid intermediaries, users still look to project leaders for support during crises. Trust Wallet is working with security partners and law enforcement to trace the attackers and recover what can be recovered.

For users, the incident serves as a stark reminder to treat wallet updates with caution. Security experts recommend verifying versions, downloading only from official sources, and waiting for community confirmation before installing new extensions. Those who used the compromised version are advised to transfer funds to a new wallet and avoid reusing the exposed seed phrase. Hardware wallets, which store private keys offline, are increasingly seen as a safer option for larger balances.

Broader Implications for the Crypto Industry

The Trust Wallet incident underscores the growing vulnerabilities in the crypto ecosystem, particularly around browser-based wallets. As crypto adoption continues to rise, so too do the number and sophistication of cyberattacks.

According to Chainalysis
, personal wallet compromises accounted for a significant portion of stolen assets in 2025. The breach also reopens the debate around centralized versus decentralized custody. While exchanges face criticism for holding user funds, wallet providers now face scrutiny when their software fails.

The incident has also reignited calls for stronger industry-wide security standards. Practices such as reproducible builds, tamper detection, and independent audits are being advocated as essential measures to prevent future attacks. As the industry moves into 2026, the Trust Wallet breach serves as a cautionary tale: even the most trusted tools can become points of failure when software security is not rigorously maintained.

Comments



Add a public comment...
No comments

No comments yet