- An estimated $7 million stolen from Trust Wallet users.
- Trust Wallet commits to reimburse affected users in full.
- The breach involved a compromised browser extension update.
Trust Wallet confirmed a security breach on December 25, 2025, affecting over $7 million in assets across several networks, pledging full reimbursement to impacted users.
The breach highlights vulnerabilities in browser-extension security, influencing user trust and prompting a swift response to safeguard user assets and maintain market stability.
On December 25, 2025, Trust Wallet, a major cryptocurrency wallet provider backed by Binance, confirmed a security breach affecting its Chrome extension version 2.68. The incident resulted in losses estimated at $7 million, impacting numerous users.
The breach enabled unauthorized access to users' private wallet credentials across Bitcoin, Ethereum, and Solana networks. Changepeng Zhao, former Binance CEO, confirmed the company’s commitment to reimburse affected users. He assured users on X, stating, “User funds are SAFU.”
This incident led to significant concerns within the cryptocurrency community. Users were directed to disable the affected extension version and promptly upgrade. Proactive measures were instated to mitigate further breaches, demonstrating the wallet provider's commitment to user security.
The financial impact of the breach is extensive, with over 12 BTC and 255 ETH among the stolen assets. This breach has highlighted the importance of robust security measures in safeguarding digital assets across multiple networks.
The reimbursement pledge aims to restore user trust and maintain stability within the affected user base. This incident underscores the vulnerabilities in crypto-related software and the ongoing need for technological vigilance in the industry.
Historical data lacks precedence for Trust Wallet incidents of this nature. The breach, classified as a supply chain compromise, reveals potential regulatory implications as future security protocols undergo scrutiny. Enhanced technological measures are anticipated to prevent similar breaches.