Around December 25, 2025, an incident involving the unauthorized theft of a large number of user funds from Trust Wallet, a non-custodial wallet under the Binance umbrella, was revealed. ZachXBT, known for his on-chain investigations, pointed out the issue that day, reporting that multiple Trust Wallet users had reported that their wallet funds had been withdrawn without permission within the past few hours.
The damage was not limited to a single chain; at least eight addresses on Ethereum Virtual Machine (EVM)-compatible chains were confirmed to have been stolen, as were multiple addresses on Bitcoin and Solana. Total damage is estimated to be at least $6 million (approximately 900 million yen).
While ZachXBT stated that "the exact root cause has yet to be identified," he noted that the incident occurred after the Trust Wallet Chrome extension was updated to a new version (2.68) on December 18.
In response, the Trust Wallet team began an investigation, and on December 25th officially announced that "a security incident affecting only version 2.68 of the browser extension has been confirmed."
According to Trust Wallet's official explanation, only extension version 2.68 was affected, and users of that version were urged to immediately disable the extension and update to the fixed version 2.69.
The company states that the mobile app version and other extension versions have not been affected, and the details of the cause are still under investigation. While compensation and other measures to be taken for affected users have not yet been decided, the support team is currently contacting affected users individually and is investigating the issue.
.png%3Ffm%3Dwebp&w=3840&q=75)
