Key Takeaways:
- Around $7 million in crypto was stolen through a security incident affecting Trust Wallet’s Chrome extension v2.68.
- Changpeng Zhao (CZ) confirmed that Trust Wallet will fully cover all losses, stating user funds remain SAFU.
- The incident is limited to one browser extension version; mobile users and other versions were not affected.
Trust Wallet and Binance founder Changpeng Zhao have confirmed a security breach that led to millions in user losses. While the incident has raised concerns across the crypto community, the company moved quickly to contain the issue and compensate affected users.
So far, $7m affected by this hack. @TrustWallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. 🙏
The team is still investigating how hackers were able to submit a new version. https://t.co/xdPGwwDU8b
— CZ 🔶 BNB (@cz_binance) December 26, 2025
Trust Wallet Confirms Extension-Specific Security Breach
Trust Wallet disclosed that it identified a security incident limited exclusively to Browser Extension version 2.68. According to the company, no other browser versions and no mobile wallets were impacted.
The wallet provider urged users running version 2.68 to immediately disable the extension and upgrade to version 2.69 via the official Chrome Web Store. Trust Wallet stressed that users should avoid opening the affected extension before updating, as doing so could further expose wallet data.
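For defenders checking workstations against the advisory above, the following added example (not from the original article and not Trust Wallet's code) classifies a Chrome profile by the extension versions found on disk. The extension ID is a placeholder to be replaced with the real one, the sample profiles are constructed, and the script relies on Chrome's layout of `Extensions/<id>/<version>_<n>/manifest.json` inside a profile directory.

```python
import json
import tempfile
from pathlib import Path

AFFECTED = (2, 68)         # compromised release named in the article
EXTENSION_ID = "a" * 32    # placeholder: substitute the real 32-character extension ID

def parse_version(text):
    """Chrome extension versions are dot-separated integers, e.g. '2.68' or '2.68.0'."""
    return tuple(int(part) for part in text.split("."))

def installed_versions(profile_dir, extension_id=EXTENSION_ID):
    """Versions unpacked at <profile>/Extensions/<id>/<version>_<n>/manifest.json."""
    found = []
    ext_root = Path(profile_dir) / "Extensions" / extension_id
    for manifest in ext_root.glob("*/manifest.json"):
        try:
            found.append(parse_version(json.loads(manifest.read_text("utf-8"))["version"]))
        except (OSError, ValueError, KeyError, TypeError):
            continue  # unreadable or malformed manifest: ignore this copy
    return sorted(found)

def audit_profile(profile_dir, extension_id=EXTENSION_ID):
    """Classify one browser profile against the affected release."""
    versions = installed_versions(profile_dir, extension_id)
    if not versions:
        return "not-installed"
    if versions[-1][:2] == AFFECTED:
        return "affected"            # newest copy on disk is 2.68: disable and upgrade
    if any(v[:2] == AFFECTED for v in versions):
        return "updated-stale-copy"  # newer build present, old directory not yet cleaned up
    return "ok"

def build_sample_profile(root, versions):
    """Constructed sample data: a fake profile holding the given extension versions."""
    for version in versions:
        folder = Path(root) / "Extensions" / EXTENSION_ID / f"{version}_0"
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(json.dumps({"version": version}), "utf-8")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, versions in {"alice": ["2.68"], "bob": ["2.68", "2.69"], "carol": []}.items():
            profile = build_sample_profile(Path(tmp) / name, versions)
            print(name, audit_profile(profile))
```

A result of `affected` means the newest unpacked copy is still 2.68, which is the case the advisory says to disable before opening.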
The team said it is actively investigating how attackers managed to submit and distribute a compromised version of the extension. Updates will continue as more details emerge.
CZ: $7 Million Affected, User Funds Will Be Reimbursed
Binance founder Changpeng Zhao addressed the incident publicly, confirming the scale of losses and the company’s response.
“So far, $7m has been affected by this hack. Trust Wallet will cover. User funds are SAFU,” CZ wrote on X. He added that the investigation is ongoing, particularly around how malicious code made its way into a published extension version.
The assurance helped calm fears among users, especially given Trust Wallet’s scale as one of the world’s most widely used self-custodial wallets. The commitment to reimburse losses reflects Binance-linked platforms’ long-standing SAFU narrative, even when incidents originate outside core exchange infrastructure.
What Went Wrong in Version 2.68
A Supply Chain Risk in Browser Wallets
Although Trust Wallet has not published full technical details, preliminary evaluations point to a supply-chain-style compromise of the extension update process.
Browser wallet extensions are particularly exposed to crypto-focused threats:
- They interact directly with web pages and smart contracts
- They handle private keys and transaction approvals
- Updates are pushed automatically, often without user scrutiny
In this case, attackers appear to have turned that trust model against users. According to blockchain investigators, funds were drained soon after users relayed transactions through the compromised extension. Trust Wallet emphasized that only users who opened or interacted with version 2.68 were exposed. The patched version 2.69 removes the vulnerability.
Rising Scrutiny on Browser-Based Crypto Wallets
The incident adds to a growing discussion of browser extensions as a security weak point in Web3. Non-custodial wallets give users control over their assets, but they shift responsibility and risk onto software interfaces that must balance usability against security.
Recent trends show:
- Increased phishing and extension spoofing
- Malicious updates targeting wallet approvals
- Growing reliance on third-party web infrastructure
Security researchers continue to encourage users to:
- Verify extension publishers
- Delay updates until confirmed safe
- Use hardware wallets for large balances
- Regularly review token approvals