Key Takeaways
- Trust Wallet users were hit by an extension exploit that drained over $6 million from their wallets on Christmas.
- Trust Wallet confirmed the incident on social media, saying that only the browser extension version 2.68 was affected.
Trust Wallet on Thursday confirmed a security incident affecting version 2.68 of its Chrome extension and urged users to disable the extension and upgrade immediately. The team said its mobile app and other versions of the browser extension were not impacted.
We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69.
Please refer to the official Chrome Webstore link here: https://t.co/V3vMq31TKb
Please note: Mobile-only users…
— Trust Wallet (@TrustWallet) December 25, 2025
The incident was first reported by on-chain sleuth ZachXBT on December 25. According to the analyst, numerous Trust Wallet users have experienced unauthorized withdrawals following an update to the Chrome extension that happened the day before.
At the time of initial reporting, more than $6 million had been drained from affected wallets.
The exact technical root cause has not yet been confirmed. Trust Wallet said an investigation is underway and that the team will share updates as soon as they are available.
