Trust Wallet on Friday announced it has launched a formal compensation process for victims of a security incident affecting its Chrome browser extension, two days after malicious code was discovered embedded in version 2.68 of the software.
Affected users can submit claims through an official support form hosted on Trust Wallet’s portal. The process asks victims to provide their email address, country of residence, compromised wallet addresses, the attacker’s receiving addresses, and relevant transaction hashes. Trust Wallet has pledged to compensate all affected users.
“We are working around the clock to finalize the compensation process details and each case requires careful verification to ensure accuracy and security,” Trust Wallet wrote on X.
The wallet provider confirmed that approximately $7 million in digital assets were stolen across multiple blockchains, including bitcoin, ether, and solana. According to blockchain security firm PeckShield, more than $4 million of the stolen funds had already been moved through centralized exchanges including ChangeNOW, FixedFloat, and KuCoin, while approximately $2.8 million remained in the attacker’s wallets as of Thursday.
Changpeng Zhao, founder of Binance, which acquired Trust Wallet in 2018, confirmed on X that the company will cover all affected losses. “So far, $7m affected by this hack. TrustWallet will cover,” Zhao wrote, adding that user funds “are SAFU.”
The incident came to light after onchain investigator ZachXBT issued an alert on Telegram on Christmas Day warning that multiple Trust Wallet users had reported funds being drained shortly after the extension’s Dec. 24 update, The Block previously reported. Trust Wallet pushed a fix in version 2.69 on Dec. 25, with Trust Wallet CEO Eowyn Chen noting that users who logged into the extension before Dec. 26 at 11 a.m. UTC were potentially affected.
Chen said the company’s investigation found that a leaked Chrome Web Store API key was used to publish the compromised extension on Dec. 24 at 12:32 p.m. UTC, bypassing Trust Wallet’s standard internal release process. The malicious code, identified by security firm SlowMist, was designed to harvest wallet seed phrases using a modified open-source analytics library.
Mobile app users and those running other versions of the browser extension were not affected by the incident. Trust Wallet’s Chrome extension has approximately one million users according to its Web Store listing.
© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Trade Crypto On Coinhub Exchange
Trade Crypto On Coinhub Exchange
Stay ahead of the market by turning news insights into trading opportunities. With Coinhub Exchange, you can seamlessly buy, sell, and manage your digital assets, all in one secure platform. Take advantage of real-time market insights, deep liquidity, and fast execution for your favorite cryptocurrencies. Don’t just read about it — trade crypto now!
Disclaimer
The content of this article shown by Coinhub News, powered by The Block, is for informational purposes only and should not be construed as financial, legal, tax, or investment advice. Coinhub News and its affiliates are not a licensed financial advisor, legal advisor, broker, or tax advisor, and ... should not be considered as professional advice or a recommendation to engage in any specific investment, legal decision, or financial transaction. Cryptocurrency markets are highly speculative and volatile. Readers should perform their own independent research and consult with a qualified professional before making any financial or legal decisions. The opinions expressed in this article are those of the author and do not necessarily represent the views or opinions of the Company of its affiliates. Additionally, the Company does not make any representations or warranties regarding the accuracy, timeliness, reliability, or completeness of any information in this article. By accessing this content, you acknowledge that any reliance on the information contained in this article is solely at your own risk. The Company is not responsible for any financial losses, legal disputes, or other damages that may arise from reliance on this content or from any investment or legal decisions based on the information provided. Investing in cryptocurrencies involves substantial risks, including the risk of losing your entire investment, and you should carefully consider whether it is appropriate for your circumstances.
Read more
