Close Menu
    Home / About / Advertise / Contact
    Crypto Cryptocurrency

    Trust Wallet Opens Claims for Users Affected by $7 Million Extension Hack

    Trust Wallet begins official claims process after $7 million Chrome extension hack affecting hundreds of wallets.
    Kelvin MuneneBy No Comments4 Mins Read

    TLDR

    • Hack affected Trust Wallet Chrome extension version 2.68 stealing $7 million.
    • Leaked Chrome API key allowed attackers to bypass release checks.
    • Trust Wallet promises to compensate all victims after careful verification.
    • Over $4 million of stolen funds moved through centralized exchanges.

    Trust Wallet has started a formal compensation process for users affected by a recent security breach that drained around $7 million from its Chrome browser extension. The company confirmed that the breach involved a malicious update to version 2.68, which allowed attackers to access hundreds of wallets. Trust Wallet urges users to use only official forms to claim compensation and avoid impersonation scams. The company also reminded users to remain cautious of impersonators claiming to offer compensation or support, as fraudulent attempts have increased since the incident.

    Hack Exploited Chrome Extension Update

    The incident occurred after a leaked Chrome Web Store API key enabled attackers to bypass internal release checks. Trust Wallet CEO Eowyn Chen explained that this key allowed the malicious version 2.68 to be published on December 24 at 12:32 p.m. UTC. The update contained code designed to target wallet seed phrases using a modified open-source analytics library.

    Security firm SlowMist confirmed that the malicious code was specifically created to collect sensitive information from users who logged in before December 26 at 11 a.m. UTC. Mobile app users and those running other versions of the browser extension were not affected by the incident.

    The extension has approximately one million users according to its Web Store listing, highlighting the scale of potential risk during the breach. Trust Wallet also stated that it is reviewing internal processes to prevent similar incidents in the future and enhance overall security measures.

    Claims Submission and Verification

    Trust Wallet has set up an official support form for victims to submit claims. The form asks for email addresses, countries of residence, compromised wallet addresses, attacker addresses, and related transaction hashes. Chen said, “We are working around the clock to finalize the compensation process details. Each case requires careful verification to ensure accuracy and security.”

    The company emphasized that victims must avoid fake compensation forms circulating online. Trust Wallet confirmed that it will cover all losses to ensure affected users are reimbursed. The process is designed to carefully review each case before issuing any compensation, which the company says is important to maintain security and accuracy. Chen added that the verification process may take time to ensure that all claims are legitimate and properly assessed. She also encouraged users to provide complete and accurate information to help expedite processing.

    Funds Movement and Security Monitoring

    Blockchain analysis conducted by PeckShield reported that over $4 million of the stolen funds moved through centralized exchanges such as ChangeNOW, FixedFloat, and KuCoin. Approximately $2.8 million remained in the attackers’ wallets as of December 26. Trust Wallet is actively monitoring transactions to track stolen funds and prevent further misuse.

    Binance founder Changpeng Zhao, whose company acquired Trust Wallet in 2018, reassured users on X that all losses will be covered. He stated, “So far, $7 million affected by this hack. Trust Wallet will cover. User funds are SAFU.” The statement reinforced that the company is fully responsible for the affected wallets and remains committed to user safety.

    Incident Discovery and Response

    The hack came to public attention when onchain investigator ZachXBT alerted users on Telegram on Christmas Day. Users reported funds being drained shortly after the update, prompting Trust Wallet to release version 2.69 on December 25 to fix the issue. Chen added that the company traced the attack to the leaked API key and emphasized that the internal release process was bypassed.

    She advised users to remain cautious and only submit claims through official channels. Trust Wallet continues to investigate the breach to improve security and prevent similar incidents in the future. The company also encourages users to update their extensions promptly, enable additional security measures, and avoid sharing sensitive information online.

    ✨ Limited Time Offer

    Get 3 Free Stock Ebooks

    Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.

    • Top 10 AI Stocks - Leading AI companies
    • Top 10 Crypto Stocks - Blockchain leaders
    • Top 10 Tech Stocks - Tech giants
    📥 Get Your Free Ebooks
    Free Stock Ebooks
    Share.

    Kelvin Munene is a crypto and finance journalist with over 5 years of experience in market analysis and expert commentary. He holds a Bachelor's degree in Journalism and Actuarial Science from Mount Kenya University and is known for meticulous research in cryptocurrency, blockchain, and financial markets. His work has been featured in top publications including Coingape, Cryptobasic, MetaNews, Coinedition, and Analytics Insight. Kelvin specializes in uncovering emerging crypto trends and delivering data-driven analyses to help readers make informed decisions. Outside of work, he enjoys chess, traveling, and exploring new adventures.

    KO Stocks

    Related Posts

    Add A Comment

    Comments are closed.

    No KYC. 70% Rakeback & 10% Cashback, Exclusive Thrill Originals!