Trust Wallet Extension Breach: $4.3M Vanishes as Chrome Update Goes Wrong

A critical security incident struck Trust Wallet users following the rollout of Chrome extension version 2.68.0 in late December. Within hours of the update deployment, multiple accounts experienced rapid fund drains across major cryptocurrencies including Bitcoin, Ethereum, and BNB. The breach highlighted the vulnerability of browser-based wallet solutions and raised serious questions about the security protocols behind wallet updates.

The Drains Unfold at Speed

On-chain investigator ZachXBT documented the aftermath of what appeared to be a coordinated attack. Wallet balances plummeted immediately after seed phrases were imported into the updated extension. Unlike typical gradual account drains, these transfers showed no staging or time delays. Instead, exploiters moved stolen assets rapidly through multiple receiving addresses, creating a complex routing pattern that linked numerous compromised wallets together.

The range of affected assets was notably wide. Bitcoin, Ethereum, and BNB holders all reported losses, with blockchain data revealing consistent transaction structures across reported cases. The exploitation window appeared concentrated in the hours immediately following the extension release, suggesting attackers had either anticipated the vulnerability or acted on its discovery with precise timing.

On-Chain Trail Points to $4.3 Million Impact

Blockchain analysis indicated that over $4.3 million worth of assets flowed out of affected wallets. This figure, sourced from publicly visible on-chain transfers tracked by ARKHAM, represents the minimum documented loss based on reported account compromises. The actual scope of the incident may prove larger as additional affected users come forward.

ZachXBT’s investigation pinpointed several wallet addresses that functioned as collection points for the stolen funds:

  • 0x3b09A3c9aDD7D0262e6E9724D7e823Cd767a0c74
  • 0x463452C356322D463B84891eBDa33DAED274cB40
  • 0xa42297ff42a3b65091967945131cd1db962afae4

These addresses received transfers from dozens of compromised wallets, indicating either mere hacker opportunism or a more organized theft operation systematically exploiting the vulnerability.

Trust Wallet’s Silence and Questions

As of press time, Trust Wallet had made no official public statement acknowledging the breach or addressing affected users. The company has neither confirmed whether the Chrome extension update was the direct cause nor provided mitigation strategies. No recovery guidance or remediation steps have been announced.

The lack of transparency raises concerns about whether developers fully understood the risks introduced by version 2.68.0. The timeline remains centered on December 24, when the problematic update went live, though the precise technical vulnerability behind the drains has not been explained by the platform.

For users holding assets in Trust Wallet or similar browser extensions, the incident underscores the importance of reviewing security practices before and after major updates.
