The Trust Wallet browser extension was compromised in a supply-chain attack that affected users during a short window between December 24 and 25, 2025, after a vulnerable release was pushed broadly. An estimated $6–7 million was drained from impacted accounts, with version 2.68 enabling theft of BTC, ETH, BNB, and SOL from more than 600 wallets.
How the compromise worked and why the impact escalated quickly
On-chain forensics and vendor analysis indicate the delivery vector was a malicious update to the browser extension. The exploit was embedded in WebAssembly (WASM) code and centered on a random number generation (RNG) flaw that weakened key material generated by the client. A random number generator supplies the unpredictable bits (entropy) from which cryptographic keys and seed phrases are created. When that entropy is degraded or exposed at the client layer, every downstream key security assumption fails immediately.
Because the weakness reduced or exposed entropy, attackers could predict or reconstruct private keys or seed phrases generated or imported by the compromised client. Users who imported existing seed phrases into version 2.68 were especially exposed, enabling near-instant siphoning once an affected seed was used. On-chain tracing of attacker-controlled addresses showed stolen assets exceeding $4 million at one point, including roughly $1.5 million in ETH and about $1.4 million in BTC. The observed balances underscore the speed at which client compromise can translate into multi-chain losses.
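To make the failure mode above concrete, the block below is an added illustration (not Trust Wallet code, and not the actual flaw, whose internals are not described here): a constructed weak generator seeded from a small value is contrasted with OS-backed entropy, the entropy is mapped to BIP39 word indices the way a wallet builds a seed phrase, and a defender's check tests whether the output can be regenerated from a small seed space.

```python
import hashlib
import random
import secrets

ENTROPY_BYTES = 16  # 128 bits of entropy -> 12-word BIP39 seed phrase


def weak_entropy(seed: int) -> bytes:
    """Constructed flawed generator: a non-cryptographic PRNG seeded from a
    small value (think timestamp or counter). Output is a pure function of
    `seed`, so the effective key space is the seed space, not 2**128."""
    return random.Random(seed).randbytes(ENTROPY_BYTES)


def hardened_entropy() -> bytes:
    """Baseline a wallet client must use: the OS CSPRNG via `secrets`."""
    return secrets.token_bytes(ENTROPY_BYTES)


def bip39_word_indices(entropy: bytes) -> list[int]:
    """BIP39 encoding: append the first ENT/32 bits of SHA-256(entropy) as a
    checksum, then split the bit string into 11-bit word indices (0..2047).
    Returns indices rather than words so no 2048-word list is needed here."""
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


def find_reproducing_seed(entropy: bytes, seed_space: range):
    """Defender's acceptance check for a generator: if the emitted entropy can
    be regenerated from any seed in a small space, the generator is unfit for
    key material. Returns the seed found, or None."""
    for seed in seed_space:
        if weak_entropy(seed) == entropy:
            return seed
    return None


if __name__ == "__main__":
    weak = weak_entropy(123456)          # constructed low-entropy seed
    print("weak generator reproducible from seed:",
          find_reproducing_seed(weak, range(1 << 17)))
    print("hardened entropy reproducible:",
          find_reproducing_seed(hardened_entropy(), range(1 << 12)))
    print("BIP39 word indices:", bip39_word_indices(weak))
```

The all-zero entropy check in the test corresponds to the well-known BIP39 vector "abandon" x 11 + "about" (index 3).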
Analysts observed stolen funds moving through liquidity and conversion services and into multiple exchange accounts. The flow pattern is consistent with rapid cash-out behavior that prioritizes speed, fragmentation, and operational obscurity after a large-scale compromise. This dynamic tends to compress response windows for victims and incident responders. In practice, accelerated asset movement increases the importance of early containment and coordinated exchange engagement.
We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69.
Please refer to the official Chrome Webstore link here: https://t.co/V3vMq31TKb
Please note: Mobile-only users…
— Trust Wallet (@TrustWallet) December 25, 2025
Trust Wallet issued an urgent advisory instructing users of the affected build to disable version 2.68 and upgrade to version 2.69. The parent company confirmed a remediation path and communicated mitigation guidance, while leadership later pledged to reimburse verified victims through an insurance reserve. Changpeng Zhao, CEO of the affiliated exchange, described the exploit as “not natural,” indicating suspicion of unusual sophistication or potential insider involvement. That characterization reinforces the need to treat the incident as a high-severity compromise of the distribution and integrity pipeline.
Beyond the immediate remediation and reimbursement posture, the incident highlights systemic supply-chain risk in DeFi client software. A supply-chain attack exploits trust in a software provider by distributing malicious updates that execute directly on end-user devices. Browser extensions expand the local attack surface compared with isolated hardware wallets or purpose-built clients. When native or WASM components handle key generation, failures in entropy or code integrity can produce catastrophic outcomes.
The case strengthens the rationale for layered controls and verifiable release integrity. Recommended safeguards cited include hardened RNG sources, independent code signing and distribution verification, deterministic build transparency, and user workflows that avoid importing seed material into ephemeral or untrusted environments. For users, the incident clarifies the convenience-versus-exposure tradeoff of browser-based wallet interfaces. Operationally, minimizing sensitive key handling inside extension environments reduces blast radius when the client supply chain is compromised.
The episode demonstrates how a single compromised client release can propagate quickly into broad losses across major chains. The key takeaway for stakeholders is that software distribution integrity and entropy assurance are not ancillary controls; they are foundational to user asset safety.