Bitcoin News Today: Hackers Siphon $16M from TrustWallet via Malicious Update

Generated by AI Agent Caleb Rourke. Reviewed by AInvest News Editorial Team.
Thursday, Dec 25, 2025 6:24 pm ET
Aime Summary

- Hackers drained $16M from TrustWallet via a malicious software update, stealing TWT, BTC, and ETH by compromising private keys.

- The attack exemplifies rising supply chain threats in crypto, bypassing traditional security by exploiting trusted update mechanisms.

- Experts warn of $3.3B in 2025 crypto thefts, urging stronger measures like address poisoning prevention and third-party audit transparency.

- Users are advised to verify updates through official channels and adopt hardware wallets to mitigate evolving infrastructure risks.

TrustWallet Hack Explained: From Update to Wallet Drains Worth $16M in $TWT, BTC, ETH

A recent hack of the TrustWallet platform drained over $16 million in cryptocurrency, including $TWT, BTC, and ETH. The attack reportedly began with a seemingly routine software update, which users installed without suspicion. Once the malicious code was active, attackers siphoned funds from affected wallets, leaving victims with empty balances and no immediate recourse.

The incident highlights a growing trend in the crypto space: supply chain attacks. These sophisticated breaches bypass traditional code vulnerabilities by compromising trusted infrastructure or third-party dependencies. TrustWallet's hack is a prime example of how attackers are shifting strategies as blockchain protocols become more secure.

Security experts warn that such attacks are becoming more frequent and more damaging. In 2025, hackers stole $3.3 billion in total, though the number of incidents dropped compared to previous years. The decline in incident counts is a sign of improved protocol-level security, but the median size of losses has remained high, suggesting that attackers are focusing on larger, more strategic targets.

Why the Standoff Happened

The TrustWallet breach was likely a supply chain exploit. In these types of attacks, hackers infiltrate trusted third-party services or update mechanisms to deliver malicious payloads.

Supply chain attacks accounted for $1.45 billion in losses in 2025, with the Bybit hack in February being one of the most severe cases. These attacks are particularly dangerous because they rely on users' trust in the software or service they are using.

In the case of TrustWallet, the compromised update allowed hackers to access private keys or transaction signing mechanisms without user interaction. Once installed, the malicious code began draining funds from affected wallets. The speed and scale of the theft indicate that the attackers had detailed knowledge of the platform's architecture and user behavior.

Risks to the Outlook

The rise of supply chain attacks signals a new era in crypto security. Unlike traditional code exploits, these breaches are harder to detect and patch. Attackers are no longer limited to targeting a single protocol or smart contract; they are now going after the infrastructure that supports them.

Binance co-founder Changpeng Zhao recently

to combat similar threats, such as address poisoning. He proposed that wallets should block or flag suspicious addresses before users send funds. While such measures could help prevent some attacks, they are not foolproof against supply chain compromises.

Regulatory and cybersecurity experts are also calling for more transparency from service providers. The Indian government, for example, has expressed concerns about the misuse of mobile numbers on platforms like WhatsApp. A similar approach—tracking and reporting suspicious activity—could help identify and mitigate supply chain threats in the crypto space.

What This Means for Investors

Investors and users are increasingly exposed to sophisticated attacks like the TrustWallet breach. While protocol-level security is improving, the threat landscape is evolving. Phishing, address poisoning, and infrastructure attacks are becoming more common and harder to detect.

Phishing scams alone cost investors over $722 million in 2025. The TrustWallet incident underscores the need for vigilance when downloading software or accepting updates. Users should verify the authenticity of updates through official channels and consider using multi-factor authentication and hardware wallets for added protection.

For institutional investors and crypto firms, the breach serves as a warning. Companies must reassess their third-party dependencies and implement stricter security protocols. The recent FCC ban on Chinese-made drones also reflects growing global concerns about supply chain risks. In the crypto space, similar scrutiny could lead to more stringent regulations and oversight.

As the industry continues to mature, so too do the tactics of those seeking to exploit it. The TrustWallet hack is a stark reminder that even the most trusted platforms are not immune to attack. Investors must remain vigilant and adapt to the evolving threats in real time.
