- Security Breach Confirmed: Trust Wallet’s Chrome extension v2.68 contained malicious code, leading to $7 million in user losses.
- Compensation Underway: The company pledges full refunds and has opened a submission form for affected users.
- Industry Implications: Incident underscores risks in software updates and the need for enhanced supply chain security.
Trust Wallet, a leading non-custodial cryptocurrency wallet, has begun compensating users affected by a recent security incident involving its Chrome browser extension. The breach, linked to a software update released on December 24, resulted in approximately $7 million in stolen funds from hundreds of users across various blockchains.
Malicious Code Injection: According to reports, the vulnerability stemmed from hidden malicious code in version 2.68 of the extension, which activated when users imported their seed phrases. This allowed attackers to drain wallets holding assets like Bitcoin and Solana. Trust Wallet quickly released an updated version, v2.69, urging users to upgrade immediately.
The company confirmed the scope of the incident in an official statement on X, noting that funds were siphoned shortly after the update. “We’ve confirmed that approximately $7M has been impacted and we will ensure all affected users are refunded,” Trust Wallet posted, emphasizing their commitment to user support.
Compensation Details: Victims are instructed to submit claims via an official form on the Trust Wallet support site. The team is prioritizing reviews, with each case undergoing verification for accuracy and security. While the process is ongoing, Trust Wallet has warned against scams impersonating support channels.
This event comes amid heightened scrutiny of wallet security, following similar incidents in the crypto space. Analysts note that supply chain attacks pose significant risks, potentially eroding user trust if not addressed swiftly. However, Trust Wallet’s prompt response and full refund pledge may mitigate long-term damage, as quoted in a related analysis on Cryptopress.site.
Broader Context: The hack affects a small fraction of Trust Wallet’s 220 million users but serves as a reminder of the importance of KYC-free wallets’ vulnerabilities. Industry experts recommend using hardware wallets for large holdings and verifying updates through official sources to avoid similar exploits.
Disclaimer: This article is for informational purposes only and does not constitute advice of any kind. Readers should conduct their own research before making any decisions.
© Cryptopress. For informational purposes only, not offered as advice of any kind.
