Cryptocurrency wallet Trust Wallet issued a major security alert this morning (26th) around 6 AM, confirming a serious vulnerability in its browser extension version 2.68, leading to the outflow of user assets. Chain detective ZachXBT's tracking shows that there are already hundreds of victims, with initial estimates of losses around $6 million.
Vulnerability details and scale of loss
The official announcement states that the affected users are those who have installed the 2.68 version of the extended features on their mobile devices. Trust Wallet emphasized in the announcement:
We have released version 2.69 for patching. All browser extension users are requested to upgrade immediately.
If you are also a Trust Wallet user and have installed version 2.68 ("Do Not Import Seed Phrase") , it is best to upgrade via the official link in the Chrome Web Store. Seed phrase imported into contaminated environments should be considered leaked; a new wallet should be created and the balance migrated.
Malicious script 4482.js sneaks in through official updates
It is understood that the attackers inserted a file named 4482.js into the packaging process, claiming it was for "Analytics". When it detects a user entering a seed phrase, it sends the data to the registered domain metrics-trustwallet.com, and then uses automated scripts to quickly withdraw assets on EVM-compatible chains, Bitcoin, and Solana.
Currently, some victims have reported losses ranging from tens of thousands to hundreds of thousands of dollars. We will continue to follow up on how the authorities will proceed with potential compensation.
