Trust Wallet has disclosed a $7 million security breach affecting users of its browser extension on Christmas Day. Funds were drained from multiple networks after attackers exploited a flaw introduced in a recent update, according to the company’s preliminary findings. Trust Wallet said the issue was limited to the extension and did not impact its standalone mobile app.
Users Report Unauthorized Transfers Linked to Trust Wallet Extension
Users began reporting unauthorized withdrawals from Ethereum, BNB Chain, and Polygon wallets connected to the extension early on December 25, marking the start of the incident. Soon after, blockchain security companies noticed an unusual increase in identical outgoing transactions from addresses linked to the most recent version of Trust Wallet’s browser extension.
Investigators linked the attack to a flaw in an upgrade that altered the extension’s handling of transaction signing requests. Attackers appear to have taken control of this flow by rerouting signature approvals to addresses under their control.
Within hours, on-chain data revealed a well-planned robbery involving over $7 million in tokens and stablecoins, some of which had already been mixed to obscure their final destination.
The attack targeted Trust Wallet’s browser environment, an increasingly popular tool for customers seeking fast access to decentralized services. Still, it did not affect the company’s standalone app or core mobile infrastructure.
Trust Wallet Pledges Compensation While Probing Extension Exploit
By midday on December 25, the development team had disabled the affected extension update and advised users to disconnect wallets, generate new key pairs, and move remaining funds to secure addresses. Trust Wallet said the issue was isolated to the browser extension and did not affect its mobile app.
Former Binance CEO Changpeng “CZ” Zhao commented that roughly $7 million had been affected so far and said Trust Wallet would cover impacted users, adding that “user funds are SAFU.” He also noted that the team is still investigating how the malicious version came to be submitted.
Trust Wallet has launched a forensic review alongside independent blockchain analysts to determine the full scope of the breach and establish whether supply-chain compromise played a role.