
Trust Wallet to Reimburse Users After $7 Million Christmas Day Security Breach


Trust Wallet users who lost funds in a Christmas Day security breach will receive full reimbursement, Binance co-founder Changpeng Zhao confirmed on Friday.

The exploit, which affected the wallet’s Chrome browser extension, initially appeared to involve approximately $7 million in stolen cryptocurrency assets, though subsequent reports suggest the losses may have been steeper.

The Attack and Response

The security incident targeted Trust Wallet’s browser extension version 2.68, which was on December 24. According to blockchain security firm SlowMist, the attack was carefully orchestrated over several weeks. Preparations began as early as December 8, with a backdoor successfully implanted on December 22.

Security experts first raised alarms when user reports began flooding in on Christmas Day. In a security alert, experts warned that the Trust Wallet browser extension may have been compromised via a supply chain attack. The alert cautioned users against using the extension or importing seed phrases until an official fix was released.

The malicious code was embedded within a JavaScript file that masqueraded as legitimate analytics software. When users imported their recovery seed phrases into the compromised extension, the malware intercepted this sensitive data and transmitted it to a fraudulent domain.
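The behaviour described above, a bundled script that starts sending data to a destination the project never used before, is something a release gate can look for. The following is an added example, not code from Trust Wallet or from the original article: it compares the network hosts referenced by two unpacked builds of an extension and reports any host that is new and not on a reviewed allowlist. All file names, hosts and function names are constructed for illustration.

```javascript
// Added example: release-gate check for new outbound hosts between two builds.
// File names and hosts are constructed sample data (reserved .example names).
const URL_RE = /\b(?:https?|wss?):\/\/([a-z0-9.-]+\.[a-z]{2,})/gi;

// Collect every hostname that appears in a URL literal in one source string.
function extractHosts(source) {
  const hosts = new Set();
  for (const m of source.matchAll(URL_RE)) hosts.add(m[1].toLowerCase());
  return hosts;
}

// files: object mapping path -> source text for one unpacked build.
// Returns Map(host -> list of files that reference it).
function hostsByFile(files) {
  const out = new Map();
  for (const [path, src] of Object.entries(files)) {
    for (const host of extractHosts(src)) {
      if (!out.has(host)) out.set(host, []);
      out.get(host).push(path);
    }
  }
  return out;
}

// Hosts in the candidate build that were neither in the previous build
// nor on the reviewed allowlist.
function newOutboundHosts(prevFiles, nextFiles, allowlist = []) {
  const known = new Set(hostsByFile(prevFiles).keys());
  for (const h of allowlist) known.add(h.toLowerCase());
  const findings = [];
  for (const [host, paths] of hostsByFile(nextFiles)) {
    if (!known.has(host)) findings.push({ host, files: paths.sort() });
  }
  return findings.sort((a, b) => a.host.localeCompare(b.host));
}

// Constructed sample: the candidate build's "analytics" file gains a new host.
const prevBuild = {
  "background.js": 'fetch("https://api.wallet.example/v1/prices");',
  "analytics.js": 'const EP = "https://stats.wallet.example/collect";',
};
const nextBuild = {
  "background.js": 'fetch("https://api.wallet.example/v1/prices");',
  "analytics.js": 'const EP = "https://stats.wallet.example/collect";\n' +
                  'const ALT = "https://metrics.unreviewed.example/api";',
};

const findings = newOutboundHosts(prevBuild, nextBuild);
console.log(JSON.stringify(findings));
```

A literal-string scan like this misses hosts that are assembled at runtime or obfuscated, so it complements rather than replaces a restrictive `connect-src` policy and review of the published package against the source build.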

In a post on X, Zhao assured affected users that their losses would be covered, referencing Binance’s Secure Asset Fund for Users. Trust Wallet, which Binance acquired in 2018 and claims to serve 220 million users globally, immediately urged users to upgrade to version 2.89 following the discovery of the breach.

Industry Implications and User Guidance

The Trust Wallet incident reflects a troubling trend in cryptocurrency security. Personal wallet compromises accounted for 37% of the value stolen in 2025, excluding the $1.4 billion Bybit hack in February, according to data from Chainalysis. Supply chain attacks on cryptocurrency platforms have collectively resulted in billions of dollars in losses this year.

In a separate major development, on December 22 to recover approximately $9.4 million in funds frozen following the November Balancer exploit. The Balancer attack, which resulted in total losses of $116 million across multiple blockchains, targeted vulnerabilities in the protocol’s smart contracts despite having undergone 11 security audits by four different firms.

The Gnosis hard fork involved rewriting the blockchain’s recent history to forcibly move frozen funds from hacker-controlled wallets to addresses managed by the Gnosis decentralized autonomous organization.

Meanwhile, blockchain investigator ZachXBT reported that a British hacker linked to a may have been arrested in Dubai. The investigator noted that approximately $18.6 million in cryptocurrency had been consolidated into a single ETH address in a pattern consistent with law enforcement seizures.
