On December 30, Trust Wallet released an update on the security vulnerability in its browser extension version 2.68. The incident affected users of version 2.68 who opened and logged in through the Trust Wallet browser extension between December 24 and 26. If users received push notifications through the Trust Wallet mobile application or saw a security incident banner on the Trust Wallet browser extension, they may still be using the compromised wallet.
It has been confirmed that 2,520 wallet addresses were affected by this incident and funds were stolen by the attackers, with a total affected asset value of approximately $8.5 million. These assets are linked to 17 wallet addresses controlled by the attackers. Trust Wallet has decided to proactively compensate affected users and is refining its compensation process and ownership verification procedures. The company has also begun communicating with victims who have been in contact with them over the past few days. Affected users are encouraged to submit an application through the official support form.
