Trust Wallet Faces $7M Security Breach, Promises Full Refunds

Trust Wallet Confirms $7M Impact from Security Breach

Trust Wallet has reported a security breach affecting its browser extension, resulting in approximately $7 million in losses. The company has assured users of full refunds as they finalize recovery measures.

Incident Limited to Extension v2.68

The security issue was confined to version 2.68 of Trust Wallet's Chrome extension. Users of this version were advised to disable it immediately and upgrade to version 2.69, which has been deemed secure.

Initial warnings came from blockchain investigator ZachXBT, who noticed unusual activity leading to drained funds after seed phrases were imported. Subsequent analyses suggested a possible supply-chain vulnerability introduced in a recent update.

Security Guidance and User Protection

Trust Wallet has instructed users to avoid opening the affected extension, disable it via Chrome settings, and manually update to version 2.69. They emphasized caution against unofficial messages to prevent secondary scams.

The investigation is ongoing, and Trust Wallet promises further updates as the refund process progresses.

Implications for Browser Extension Security

This incident has highlighted the importance of browser extension security in the crypto industry, especially concerning supply-chain risks that can introduce vulnerabilities. Trust Wallet is committed to keeping users informed as they work through the situation.

Conclusion

• The $7 million impact emphasizes the rapid escalation potential of browser extension vulnerabilities.
• This event underscores the need for robust update protocols and vigilant key management in crypto wallet software.