A critical security flaw in Trust Wallet Browser Extension 2.68 led to over $7 million in losses on Christmas Day, with CZ promising full user compensation.
Christmas Day 2025 turned into a nightmare for hundreds of cryptocurrency users as Trust Wallet Browser Extension version 2.68 suffered a devastating security breach. Victims watched helplessly as their funds vanished within minutes, with losses ranging from $50,000 to $800,000 per user.
The exploit targeted the Trust Wallet Browser Extension specifically, leaving mobile users unaffected. One victim discovered the breach after returning from family celebrations, finding $300,000 missing from their trading account.
Four-Minute Heist Shocks Crypto Community
According to @yunaintern on X, "I woke up to notifications. Transactions I never made. Wallets I never approved. By the time I realized what was happening, it was already over. +$300k transferred out. Multiple transactions. All within a 4-minute window."
The victim, a crypto participant since 2018, followed all security protocols including hardware wallets for long-term holdings and regular permission audits. Despite these precautions, the compromised extension drained their trading account completely.
Within six hours of the initial report, over 500 victims emerged with similar experiences. The cryptocurrency security breach occurred within a 24-hour window, affecting only users running version 2.68 of the browser extension.
@TrustWallet confirmed on X, "We've identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69."
The wallet provider directed users to the official Chrome Webstore for the secure update, emphasizing that mobile-only users and other browser extension versions remained safe.
Emergency Update Protocol Released
Trust Wallet issued urgent instructions for affected users. The company warned users not to open the extension before updating to prevent additional losses.
@TrustWallet posted detailed steps on X, instructing users to access Chrome Extensions panel, disable the extension, enable Developer mode, and update to version 2.69.
The victims' silence from Trust Wallet's initial response sparked frustration. Blockchain investigator ZachXBT questioned the company's compensation plans as distressed users flooded his messages.
@zachxbt asked on X, "I currently have many concerned victims contacting me via DM so can your team please clarify if you will be offering any compensation for Trust Wallet Browser Extension users."
Binance CEO Promises Full Coverage
Hours after the exploit gained widespread attention, Binance CEO CZ stepped in with a decisive announcement that brought relief to panicked victims.
@cz_binance stated on X, "So far, $7m affected by this hack. @TrustWallet will cover. User funds are SAFU. Appreciate your understanding for any inconveniences caused. 🙏 The team is still investigating how hackers were able to submit a new version."
The $7 million figure represents the total impact across all affected users. CZ's commitment to full reimbursement follows Binance's established "SAFU" (Secure Asset Fund for Users) principle, designed to protect users during security incidents.
Following CZ's announcement, @zachxbt confirmed on X, "It seems they will cover the losses."
The investigation continues into how attackers successfully submitted and distributed the malicious version 2.68 through official channels. Trust Wallet has not disclosed the technical details of the exploit or the timeline for the investigation's completion.
Users who haven't updated should immediately disable the extension and upgrade to version 2.69 to secure their funds. The incident highlights ongoing vulnerabilities in crypto wallet infrastructure, even for established providers.
Key Takeaways:
- Trust Wallet Extension 2.68 exploited Christmas Day; over 500 victims lost $50K-$800K each in minutes
- CZ confirms $7M total losses with full compensation; Trust Wallet investigating malicious version submission
- Users must update to version 2.69 immediately; mobile wallets unaffected by browser extension breach
#TrustWalletHack #CryptoSecurity #BrowserExtensionExploit #CryptocurrencyBreach #BinanceSAFU
Stay updated on the latest cryptocurrency news on our homepage.
Explore more in Latest News Category.
Related reading:
Key Topics
Crypto New Live
admin@cryptonewslive.org
Trust Wallet Browser Extension version 2.68 exploited on Christmas Day. Victims lost $300K-$800K in minutes. CZ confirms $7M total losses. Full coverage inside