Table of Contents
While families around the world were celebrating Christmas, Trust Wallet users faced an alarming situation. A security breach in the latest browser extension update allowed cybercriminals to siphon off millions of euros in digital assets. Discover the details of this attack and how to protect your funds.
The 3 must-know facts
On December 24, 2025, an update to the Trust Wallet browser extension introduced a critical vulnerability. This flaw allowed attackers to steal over 6 million euros in digital assets. Cybersecurity experts noticed suspicious code exfiltrating sensitive data to an unknown server, suggesting a supply chain attack.
Users affected by this compromised version must immediately disable the extension and install version 2.69, released urgently on December 25. This new version is supposed to fix the flaw and protect users.
In response to this situation, Trust Wallet quickly launched a communication operation to inform its users. Although the company confirmed the security incident, it has not yet provided details on the exact origin of the compromise.
Users must transfer their funds to a new wallet and consider any previous recovery phrase as compromised. Caution is advised, as phishing campaigns are attempting to exploit the situation to deceive users with fake update links.
Launched in 2017, Trust Wallet is a mobile cryptocurrency wallet that allows users to securely store and manage their digital assets. Initially developed for Ethereum, it now supports a wide range of cryptocurrencies. Trust Wallet quickly gained popularity due to its ease of use and integration with Binance, one of the largest cryptocurrency exchange platforms in the world. The company constantly strives to enhance the security of its products, but this incident highlights the ongoing challenges in cybersecurity in the digital asset domain.