Trust Wallet issued security alerts to 36,000 impacted users through extension banners and mobile app notifications.
Trust Wallet has issued a clear action notice after identifying compromised browser wallets from a recent extension issue. The company warned affected users to act quickly. The notice targets a limited number of wallets. It explains who is affected, how users were notified, and what steps are required to secure funds safely.
Limited Wallets Affected During Specific Period
Trust Wallet confirmed the issue affected Browser Extension version 2.68 only. The exposure occurred between December 24 and December 26, 2025. Only users who opened and logged in during that period were affected. The company stated that around 36,000 wallets remain compromised.
This group represents about 0.016% of the total Trust Wallet user base. The company said the issue did not affect mobile application users. Other browser extension versions were also not affected. Users who logged in after December 26 at 11:00 UTC remain safe.
Action required for users impacted by the Browser Extension v2.68 incident:
We identified a limited group of ~36k wallets (0.016% of our user base) still having a compromised wallet(s). All impacted users have already been directly notified via a security incident banner on your…
— Trust Wallet (@TrustWallet) January 3, 2026
The crypto wallet platform explained that users without notifications do not need action. The company said it reviewed usage data carefully. It identified only wallets meeting strict conditions. This helped narrow the affected group accurately.
The company continues its investigation while monitoring wallet activity. Early estimates suggest losses of around $7M. Additionally, it noted that investigations remain ongoing. Further updates may follow if findings change.
How Trust Wallet Notified Affected Users
Trust Wallet said it directly contacted all affected users through multiple channels. A security incident banner appeared on the browser extension. This banner displayed action required notices. It appeared when users opened the extension.
Some users did not open the extension during this period. This was addressed by sending mobile app notifications. These alerts appeared if the same wallet existed on mobile. Pop up messages also appeared when opening the mobile app.
The company explained that these steps aimed to reach every impacted user. Trust Wallet wanted to prevent missed warnings. It encouraged users to review notifications carefully. Users were told to act immediately after receiving alerts.
Trust Wallet also clarified that no notice means no exposure. The company advised users to ignore unofficial messages. It reminded users to follow only official instructions. This approach helps reduce confusion and phishing risks.
Related Readings: Inside the Trust Wallet Hacker Wallet Holding Over $4 Million
Required Steps to Secure Compromised Wallets
Trust Wallet instructed affected users to update the browser extension immediately. The extension must be updated to version 2.69 or later. Users must disable the old extension before updating. This removes the vulnerable version completely.
After updating, users must create a new wallet. Additionally, this applies to browser extension and mobile app users. Moreover, Trust Wallet advised saving the recovery phrase securely. This step protects access to the new wallet.
Users must then transfer all assets from old wallets. However, funds should move only after the update completes. Consequently, Trust Wallet advised checking each account carefully. Every token must be transferred to the new address.
Users who experienced losses were directed to contact support. Accordingly, Trust Wallet provided a dedicated support form. Each case will receive priority review. Furthermore, additional information may be requested for ownership verification.