A major security incident has affected users of the Trust Wallet Chrome browser extension. Many users reported sudden and unauthorized withdrawals from their crypto wallets. These incidents were noticed shortly after installing a recent extension update. Security experts later confirmed that the update itself had been compromised.
The issue began around December 24, when a malicious version of the extension was released. Users who installed this update unknowingly exposed sensitive wallet information. Attackers were able to access private keys or recovery phrases. This gave them full control over the affected wallets.
Soon after the update, blockchain analysts noticed a spike in suspicious transactions. Several wallets were drained within minutes of regular user activity. Investigators tracked the stolen funds across multiple blockchain networks. The total losses are estimated to be between six and seven million dollars.
Experts believe this was a supply-chain attack rather than a basic phishing scam. Malicious code was embedded directly into the official extension update. Because the update came from a trusted source, users installed it without doubt. This allowed the attack to spread rapidly and quietly.
Some analysts have suggested insider access or stolen developer credentials may be involved. Such attacks usually require deep access to the software distribution process. Trust Wallet publicly acknowledged that the extension update was compromised. However, the exact cause of the breach has not been officially confirmed.
After identifying the issue, Trust Wallet advised users to disable or remove the Chrome extension immediately. Users were warned not to interact with the extension until a secure version is released. The company also cautioned against fake messages claiming to offer fixes. Attackers often use such situations to launch additional scams.
Binance founder Changpeng Zhao publicly addressed the incident. He confirmed the estimated financial losses linked to the hack. He also stated that Trust Wallet would take steps to compensate affected users. Official updates were promised through verified communication channels only.
The incident highlights the risks associated with browser-based cryptocurrency wallets. Browser extensions have high system access, making them attractive targets for attackers. Security experts recommend using hardware wallets for storing large amounts of crypto. The breach serves as a reminder to remain cautious even with trusted tools.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
