Catenaa, Tuesday, December 30, 2025-Trust Wallet has launched a formal compensation process for victims of a $7 million security breach affecting its Chrome browser extension.
The incident, discovered on December 24 in version 2.68, involved malicious code designed to steal wallet seed phrases.
Users affected can submit claims through Trust Wallet’s support portal, providing details including email, country, compromised wallet addresses, attacker addresses, and relevant transaction hashes. The company has pledged to reimburse all impacted users.
The stolen assets spanned multiple blockchains, including bitcoin, ether, and solana. Blockchain security firm PeckShield reported that over $4 million of the stolen funds had moved through centralized exchanges such as ChangeNOW, FixedFloat, and KuCoin, while around $2.8 million remained in the attacker’s wallets as of last Thursday.
Binance founder Changpeng Zhao, whose company acquired Trust Wallet in 2018, confirmed that Trust Wallet would cover all losses, assuring users that funds are secure.
The breach emerged after onchain investigator ZachXBT issued a Telegram alert on Christmas Day.
Trust Wallet released version 2.69 on December 25 to address the issue.
Trust Wallet users lost between $6 million and $7 million following a security breach of the company’s Chrome browser extension on December 24 and 25, 2025. Blockchain investigators found that malicious code in version 2.68 of a browser extension captured seed phrases during user imports. This vulnerability led to unauthorized fund transfers across several networks, including Bitcoin, Ethereum and Solana.
The stolen assets were funneled through various cryptocurrency exchanges. Initially, on-chain analyst ZachXBT tracked more than $6 million in losses across hundreds of affected wallets.
