Security Flaw in Trust Wallet Drains Over $6M From Users


Trust Wallet has confirmed a security flaw in version 2.68 of its browser extension. Attackers used this flaw to drain over $6 million from user wallets.

The stolen assets were taken from several blockchains, including Bitcoin, Solana, and EVM-compatible networks.

According to on-chain investigators, the thefts began on December 24, 2025, and continued into the following day. Users were affected if they installed version 2.68 and imported their secret seed phrases. In most cases, entire wallet balances were emptied within minutes. The stolen assets were then quickly moved through multiple addresses across different networks.

Version 2.68 Users of Trust Wallet Told to Disable and Upgrade Immediately

Blockchain security firm PeckShieldAlert reported that over $4 million of the stolen funds have already been sent through centralized exchanges, including ChangeNOW, FixedFloat, and KuCoin.

About $2.8 million remains in wallets still controlled by the attacker, based on current tracking. Analysts said the speed and consistency of the transfers point to an automated draining process triggered once access was obtained.

Trust Wallet issued an official statement confirming the security incident was limited to browser extension version 2.68. The company stated that mobile app users and users on other extension versions were not affected.

The wallet platform urged all users running version 2.68 to disable the extension immediately and update to version 2.69, obtained directly from the official Chrome Web Store.
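To act on the disable-and-upgrade guidance above, a workstation check can flag Chrome profiles that still hold an unpacked copy of version 2.68. This is an added example, not code from Trust Wallet or from this article; the extension ID is a placeholder, the sample profile tree is constructed, and treating any 2.68.x build as affected is an assumption.

```python
import json
import tempfile
from pathlib import Path

AFFECTED = (2, 68)  # release the article names as compromised
FIXED = (2, 69)     # release the article names as the fix
EXT_ID = "a" * 32   # placeholder, NOT the real ID; substitute the vendor's ID

def parse_version(text):
    # Chrome extension versions are one to four dot-separated integers.
    return tuple(int(part) for part in text.split("."))

def classify(version):
    # Assumption: any 2.68.x build counts as the affected release.
    padded = version + (0,) * (2 - len(version))
    if padded[:2] == AFFECTED:
        return "affected"
    return "fixed" if padded >= FIXED else "older"

def audit(user_data_dir, ext_id=EXT_ID):
    """Return sorted (profile, version_string, status) per unpacked copy.

    Chrome keeps extensions at <profile>/Extensions/<id>/<version>_<n>/;
    the version is taken from manifest.json, not the directory name.
    """
    findings = []
    pattern = f"*/Extensions/{ext_id}/*/manifest.json"
    for manifest in sorted(Path(user_data_dir).glob(pattern)):
        profile = manifest.parents[3].name
        try:
            text = json.loads(manifest.read_text(encoding="utf-8"))["version"]
            findings.append((profile, text, classify(parse_version(text))))
        except (OSError, ValueError, KeyError, TypeError, AttributeError):
            findings.append((profile, None, "unreadable"))
    return findings

def build_sample(root, ext_id=EXT_ID):
    # Constructed fixture: three profiles, one with a corrupt manifest.
    for profile, ver, body in [("Default", "2.68_0", '{"version": "2.68"}'),
                               ("Profile 1", "2.69_0", '{"version": "2.69"}'),
                               ("Profile 2", "2.68_1", "{not json")]:
        folder = Path(root) / profile / "Extensions" / ext_id / ver
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(body, encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for row in audit(tmp):
            print(row)
```

An "unreadable" result deserves manual inspection rather than being treated as clean, since the directory name alone does not prove which version is installed.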

Users first raised the alarm after noticing money leaving their wallets without permission. Some contacted on-chain analyst ZachXBT, who checked the transactions and found they were linked to Trust Wallet addresses tied to the affected extension.

Several users said their wallets were emptied minutes after they used the extension.

Trust Wallet said it is contacting affected users and continuing its review of the incident. The company has not explained what caused the issue or said whether any refunds will be made.

Users have been advised to remove risky wallet permissions, move any remaining funds to new wallets created with fresh seed phrases, and install updates only from official extension sources.

Crypto Adoption Grows as Security Risks Follow

The incident comes as more young and high-earning investors increase their exposure to digital assets.
In a survey of 500 U.S. investors aged 18-40 earning between $100,000 and $1 million annually, 35% moved funds away from advisers who did not support crypto investing.

Among those who reallocated, 55% shifted between $250,000 and $1 million to advisers with crypto expertise.

As adoption expands, so do security concerns. CertiK’s 2025 Skynet Hack3D report estimates that Web3 hacks, scams, and vulnerabilities led to about $3.35 billion in losses.

Phishing remains one of the most common attack methods.

While overall exploit losses have declined from earlier in the year, analysts say the threat has not disappeared. Instead, it has shifted toward softer targets, including social media accounts that are hijacked and used to spread malicious links, as seen in the recent PancakeSwap phishing incident.

About Jimmy Aki

Based in the UK, Jimmy is an economic researcher with outstanding hands-on and heads-on experience in macroeconomic finance analysis, forecasting and planning. He has honed his skills working across continents as a finance analyst, which gives him intercultural experience. He currently has a strong passion for regulation and macroeconomic trends, as it allows him to peek under the global bonnet to see how the world works.