W3BStation
Markets
BTC $96,420 +2.34% ETH $3,280 +1.82% SOL $185.40 -0.92% BNB $642.50 +0.45% XRP $2.18 +3.12% DOGE $0.082 -1.50% ADA $1.05 +0.80% AVAX $42.10 +1.15%
BTC $96,420 +2.34% ETH $3,280 +1.82% SOL $185.40 -0.92% BNB $642.50 +0.45% XRP $2.18 +3.12% DOGE $0.082 -1.50% ADA $1.05 +0.80% AVAX $42.10 +1.15%
12/26/2025

Trust Wallet Pledges to Reimburse $7M Stolen in Christmas Day Hack, Insider Involvement Suspected

In a development drawing significant attention from the crypto community, Trust Wallet confirmed that users lost approximately $7 million in an attack that occurred on Christmas Day. The incident involved browser extension version 2.68, which had been compromised with malicious code affecting desktop users. Trust Wallet urged users to immediately upgrade to version 2.89. Notably, Changpeng Zhao (CZ) — co-founder of Binance, which owns Trust Wallet — announced on X that all

Trust Wallet Pledges to Reimburse $7M Stolen in Christmas Day Hack, Insider Involvement Suspected

In a development drawing significant attention from the crypto community, Trust Wallet confirmed that users lost approximately $7 million in an attack that occurred on Christmas Day. The incident involved browser extension version 2.68, which had been compromised with malicious code affecting desktop users. Trust Wallet urged users to immediately upgrade to version 2.89.

Notably, Changpeng Zhao (CZ) — co-founder of Binance, which owns Trust Wallet — announced on X that all losses would be reimbursed to affected users.

According to analysis by blockchain security firm SlowMist, the attack was not a spontaneous act but had been carefully planned since December 8. The attacker installed a backdoor on December 22 and began draining funds on December 25, at which point the breach was discovered. Beyond stealing assets, the malware also collected users' personal data and transmitted it to the hackers' servers.

On-chain analyst ZachXBT reported that hundreds of Trust Wallet users were affected. Some industry experts believe the incident likely involved an insider, given that the attacker had sufficient access to push a malicious extension version to the distribution system.

CZ also agreed that the probability of internal involvement was "very high." SlowMist noted that the hacker had deep familiarity with Trust Wallet's source code, which allowed them to install the backdoor without early detection.

As crypto wallet attacks have surged in recent times, this incident serves as yet another warning for users to exercise extreme caution — carefully vetting extensions, keeping software up to date, and securing their personal assets.

Recommendations:

  • Immediately upgrade the Trust Wallet extension to v2.89
  • Avoid using older versions
  • Review your wallet & transaction history
  • Take proactive steps to secure your personal information

Crypto always carries inherent risk — users need to stay informed and take greater care in protecting their digital assets.