Trust Wallet Goes Dark on Chrome – $7M Hack Victims Left Waiting for Claims Tool
Trust Wallet customers affected by a current browser extension hack are going through recent delays after the pockets supplier confirmed that its Chrome extension has been quickly faraway from the Chrome Web Store.
This resulted in slowing the rollout of a key claims verification software tied to the incident.
Trust Wallet chief govt Eowyn Chen said the extension grew to become unavailable after the corporate encountered a Chrome Web Store bug whereas trying to launch a brand new model.
Some might have observed that the @trustwallet Browser Extension is quickly unavailable on the Chrome Web Store. We hit a Chrome Web Store bug
whereas releasing a brand new model that features a characteristic to assist reimbursement claimants submit verification codes from their extension…
— Eowync.eth (@EowynChen) December 31, 2025
The delayed replace was meant to introduce a verification characteristic designed to assist victims of the Christmas Day hack affirm pockets possession and submit reimbursement claims securely.
Chen mentioned Google has acknowledged the problem and is escalating it internally, whereas warning customers to remain alert for pretend or impersonated variations of the extension circulating on-line.
Attackers Exploited Fake Trust Wallet Update to Steal Funds
The outage comes as Trust Wallet continues to handle the fallout from a safety breach that started unfolding in late December.
On December 25, the company confirmed that a malicious version of its Chrome browser extension, model 2.68, had been distributed by means of the Chrome Web Store exterior its regular launch course of.
The compromised extension allowed attackers to entry delicate pockets knowledge and execute unauthorized transactions, resulting in tens of millions of {dollars} in losses.
Multiple Trust Wallet customers skilled unauthorized fund outflows on Thursday because of a brand new browser extension theft. Losses are estimated to surpass $6 million.#TrustWallet #CryptoTheft #TrustWalletThefthttps://t.co/mchzwWAHK3
— Cryptonews.com (@cryptonews) December 26, 2025
Trust Wallet’s inner investigation shows that solely customers who put in model 2.68 and logged into their wallets between December 24 and December 26 had been affected.
Mobile app customers, customers on different extension variations, and those that put in or logged in after December 26 weren’t impacted.
The firm said it recognized 2,520 pockets addresses that had been drained in the course of the incident, with roughly $8.5 million in property linked to 17 attacker-controlled wallets.
The pockets, although, famous that a few of these attacker addresses additionally focused wallets unrelated to Trust Wallet.
Security researchers later confirmed that the malicious construct appeared authentic and handed Chrome’s assessment course of however contained hidden code able to extracting restoration phrases.
Several customers said merely importing a seed phrase into the extension triggered quick fund outflows throughout a number of blockchains.
Trust Wallet Cleans Up Extension Hack; Flags Rise in Fake Compensation Scams
Trust Wallet traced the breach again to a wider provide chain assault often called Sha1-Hulud, which surfaced in November and affected a number of corporations by means of compromised developer tooling.
The firm mentioned uncovered GitHub secrets and techniques and a leaked Chrome Web Store API key allowed the attacker to add the malicious extension instantly, bypassing inner approval checks.
In response, Trust Wallet rolled again to a clear launch, published model 2.69, and disabled compromised publishing credentials. It additionally declared a voluntary reimbursement scheme, which they promised to all these individuals who had been discovered to be victims.
On December 29, it opened a formal claims process, the place customers are requested to supply pockets addresses, transaction hashes, and figuring out info by way of an official assist portal.
In its response to over 5,000 claims, the corporate indicated that it has been inundated with claims, provided that the variety of verified affected wallets is way decrease, and it’s a reason behind concern that there might be duplicate or pretend claims.
It is the reason for that discrepancy that led to the creation of one other verification mechanism that was speculated to be supplied with the subsequent replace of the browser extension, however was delayed by the Chrome Web Store drawback.
The occasion continues so as to add to an rising variety of wallet-related escapades within the crypto trade.
Industry knowledge shows that the proportion of non-public pockets compromises has continued to extend because the share of stolen funds.
The submit Trust Wallet Goes Dark on Chrome – $7M Hack Victims Left Waiting for Claims Tool appeared first on Cryptonews.
