{"id":65266,"date":"2025-12-26T11:16:33","date_gmt":"2025-12-26T11:16:33","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=65266"},"modified":"2025-12-26T11:16:33","modified_gmt":"2025-12-26T11:16:33","slug":"trust-wallet-hacked-what-crypto-users-should-do-now","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=65266","title":{"rendered":"Trust Wallet Hacked: What Crypto Users Should Do Now"},"content":{"rendered":"
\n

Trust Wallet says a \u201csecurity incident\u201d hit only one slice of its product stack: the Chrome browser extension on version 2.68. If you are a mobile-only user, the company says you\u2019re not affected. If you are on any other extension version, the company says you\u2019re not affected either. The problem, per Trust Wallet\u2019s own wording, is tightly scoped, even if the fallout doesn\u2019t feel that way when you\u2019re staring at an emptied address.<\/p>\n

The first public flare went up on Dec. 25 via on-chain investigator ZachXBT<\/a>, who posted a Telegram warning that \u201ca number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple of hours.\u201d<\/p>\n

He stressed that \u201cthe exact root cause has not been determined,\u201d then pointed out an uncomfortable coincidence: \u201cthe Trust Wallet Chrome extension pushed a new update yesterday.\u201d In the same message, he asked victims to DM him on X so he could \u201cupdate the list of theft addresses below as I verify more,\u201d and he began publishing alleged theft destinations across multiple chains. His list included multiple EVM<\/a> addresses and a Solana address.<\/p>\n

\n

NEW: @zachxbt<\/a> SAYS \u201cA NUMBER OF TRUST WALLET USERS HAVE REPORTED THAT FUNDS WERE DRAINED FROM WALLET ADDRESSES WITHIN THE PAST COUPLE OF HOURS\u201d<\/p>\n

SOURCE: https:\/\/t.co\/4shDweZnJF<\/a> pic.twitter.com\/MkbQWZKGCc<\/a><\/p>\n

\u2014 DEGEN NEWS (@DegenerateNews) December 25, 2025<\/a><\/p>\n<\/blockquote>\n

Trust Wallet Confirms The Hack<\/h2>\n

The wallet firm later confirmed the incident on X. \u201cWe\u2019ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69,\u201d the company wrote, linking users to the official Chrome Web Store listing.<\/p>\n

It added: \u201cPlease note: Mobile-only users and all other browser extension versions are not impacted.\u201d The post closed with the kind of line every security team ends up typing sooner or later: \u201cWe understand how concerning this is and our team is actively working on the issue. We\u2019ll keep sharing updates as soon as possible.\u201d<\/p>\n

Then the guidance got more urgent, and more specific. Trust Wallet warned users who hadn\u2019t updated to 2.69: \u201cplease do not open the Browser Extension until you have updated. This may help to ensure the security of your wallet and prevent further issues.\u201d<\/p>\n

\n

We\u2019ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69.<\/p>\n

Please refer to the official Chrome Webstore link here: https:\/\/t.co\/V3vMq31TKb<\/a><\/p>\n

Please note: Mobile-only users\u2026<\/p>\n

\u2014 Trust Wallet (@TrustWallet) December 25, 2025<\/a><\/p>\n<\/blockquote>\n

In a follow-up, it spelled out a step-by-step that boils down to: don\u2019t open the extension, go to Chrome\u2019s extensions page for Trust Wallet, toggle it off if it\u2019s still on, enable Developer mode, hit \u201cUpdate,\u201d and confirm you\u2019re on version 2.69 before doing anything else. It\u2019s not glamorous, but it\u2019s actionable, which is what matters when you\u2019re in incident mode.<\/p>\n

As the claims and counterclaims swirled, cybersecurity firm PeckShield put<\/a> an early dollar figure on the damage. \u201cThe Trust Wallet exploit has drained >$6M worth of cryptos from victims,\u201d PeckShield wrote, adding that while about \u201c~$2.8M of the stolen funds remain in the hacker\u2019s wallets (Bitcoin\/EVM\/Solana), the bulk \u2013 >$4M in cryptos \u2013 has been sent to CEXs,\u201d with a breakdown of \u201c~$3.3M to ChangeNOW, ~$340K to Fixed Float, & ~$447K to Kucoin.\u201d<\/p>\n

One more pressure point surfaced quickly: compensation. ZachXBT said, \u201cI currently have many concerned victims contacting me via DM so can your team please clarify if you will be offering any compensation for Trust Wallet Browser Extension users.\u201d Trust Wallet did not answer that directly in public. Instead, it replied that its customer support team was already in touch with impacted users regarding next steps and directed people to reach out via its support channel.<\/p>\n

So what should users do now, in plain terms? If you are on extension version 2.68, Trust Wallet\u2019s instruction is to stop using it as-is: disable it and upgrade to 2.69 before you open it again. If you think you were affected, the company is routing users to support, while independent investigator ZachXBT is asking for reports to help map theft flows.<\/p>\n

UPDATE: Binance founder<\/a> Changpeng Zhao confirmed<\/a> via X that user will be compensated for the hack. \u201cSo far, $7m affected by this hack. Trust Wallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused.\u00a0The team is still investigating how hackers were able to submit a new version,\u201d Zhao wrote today.<\/p>\n

At press time, the total crypto market cap stood at $2.95 trillion.<\/p>\n

\"Total<\/div>\n","protected":false},"excerpt":{"rendered":"

Trust Wallet says a \u201csecurity incident\u201d hit only one slice of its product stack: the Chrome browser extension on version 2.68. If you are a mobile-only user, the company says you\u2019re not affected. If you are on any other extension version, the company says you\u2019re not affected either. The problem, per Trust Wallet\u2019s own wording, […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-65266","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/65266","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=65266"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/65266\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=65266"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=65266"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=65266"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}