Registration
 
All news
Top Stories
Editors' Picks
Crypto News
Financial News
Currencies
Market Voices
Companies
Regulators News
Central Banks News
Olesia Kramarenko
Olesia Kramarenko

Hacked Christmas: What happened to Trust Wallet

Hacked Christmas: What happened to Trust Wallet
Trust Wallet: a story of trust, mass adoption, and a hacked Christmas

​Christmas is not the best time for news. The crypto market usually slows down, chats fall silent, and traders go on holiday. It was in this quiet moment, on December 25, that the first troubling reports began to appear. Trust Wallet users were losing their funds. Later it became clear that the incident involved millions of dollars, hundreds of victims, and one of the most troubling types of attacks: the compromise of an official software update. Once again, it forced many to ask a familiar question. Does a truly “secure” wallet even exist?

The path to mass adoption

Trust Wallet emerged in 2017, at a time when non-custodial wallets were not yet a mass phenomenon. Most users kept their crypto assets on exchanges, while the idea of full personal control over private keys remained largely a principle for enthusiasts. Trust Wallet offered a simple alternative. It was a mobile wallet without complex settings and with a clear premise: the keys belong to the user, not the service.

In 2018, the project was acquired by Binance. For Trust Wallet, this meant scale and credibility, but not a change in its underlying model. The wallet retained its non-custodial status and gradually became part of the basic toolkit for new participants entering the crypto market. It was often recommended as a first wallet, the starting point for getting acquainted with Web3.

A wallet as a universal tool

As the market evolved, so did Trust Wallet itself. It moved beyond simple asset storage and became a multifunctional product. Support for dozens of blockchains, integration with DeFi protocols, NFTs, staking, and a built-in decentralized application browser gradually shaped its image as an everyday wallet.

A separate milestone was the launch of the browser extension. It allowed users to interact with Web3 services directly from their browsers and became an alternative to already familiar solutions. For many, it was the same Trust Wallet in a different environment, with the same level of trust in the brand.

The day an update became a threat

The events of December 25 showed just how fragile that trust could be. The common factor among all affected users was the Trust Wallet browser extension for Chrome, updated on December 24 to version 2.68. Users did not install third-party software or interact with suspicious resources. They simply applied an official update.

A malicious JavaScript fragment appeared in the extension’s code. It was disguised as analytics and did not interfere with normal wallet usage. The code was triggered only at a specific moment, when a user imported a seed phrase. The data was sent to a third-party domain registered just days before the attack. Once attackers gained access to seed phrases, they were able to drain funds from wallets almost instantly.

The scale of the attack and the community’s response

The first to systematically draw attention to the incident was blockchain investigator ZachXBT. He identified several addresses that were accumulating funds from hundreds of wallets. The attack affected multiple networks at once, including Bitcoin, Ethereum, and Solana. According to analysts’ estimates, total losses reached $6–7 million. Part of the funds was quickly transferred to centralized services for cash-out.

The Trust Wallet team confirmed the incident on social media and urged users to immediately disable version 2.68 and update to version 2.69. The company emphasized that mobile applications were not impacted. Binance founder Changpeng Zhao stated that Trust Wallet would compensate users for their losses.

What this hack says about the state of Web3

The Trust Wallet incident has become illustrative for the entire industry. In 2025, crypto-related crime continues to grow, and attacks increasingly target infrastructure rather than individual users. Browser wallet extensions, with their elevated access privileges, are becoming critical points of risk.

The Trust Wallet hack was not the result of user error or a weakness in blockchain technology. It strongly suggested that the most vulnerable layer remains the software between people and networks. That is where the main frontline of cybersecurity in the crypto industry lies today.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.

Editor's Picks for You

Why Tether flipping Ethereum is a pivotal moment for crypto
  • By Kyle Torpey
  • 1 hour ago
Why Tether flipping Ethereum is a pivotal moment for crypto
Editors' Picks
MiCA deadline: Why crypto companies are leaving Europe
  • By Eugene Komchuk
  • 4 hours ago
MiCA deadline: Why crypto companies are leaving Europe
Editors' Picks
From “Holy Trinity” to WLD crash: How Arthur Hayes became a market-moving seller
  • By Mikhail Vnuchkov
  • 13.06.2026
From “Holy Trinity” to WLD crash: How Arthur Hayes became a market-moving seller
Editors' Picks
All Editors' Top Picks

Latest Crypto News

Aztec Connect exploit highlights risks of legacy DeFi contracts
  • By Hanna Syniavska
  • 2 hours ago
Aztec Connect exploit highlights risks of legacy DeFi contracts
Crypto News
#Crypto
Can Ethereum avoid third consecutive quarterly decline?
  • By Mykhailo Ihnatenko
  • 4 hours ago
Can Ethereum avoid third consecutive quarterly decline?
Crypto News
#Crypto #Forecast #Ethereum
MiCA deadline: Why crypto companies are leaving Europe
  • By Eugene Komchuk
  • 4 hours ago
MiCA deadline: Why crypto companies are leaving Europe
Editors' Picks
#Crypto #USDT
All Crypto News
  • Kyle Torpey
  • 1 hour ago
Why Tether flipping Ethereum is a pivotal moment for crypto
  • Eugene Komchuk
  • 4 hours ago
MiCA deadline: Why crypto companies are leaving Europe
  • Mikhail Vnuchkov
  • 13.06.2026
From “Holy Trinity” to WLD crash: How Arthur Hayes became a market-moving seller
  • Eugene Komchuk
  • 12.06.2026
The world's first trillionaire: How Musk built his fortune on electric cars, space and AI
  • Ciaran Ryan
  • 11.06.2026
How precious-metals mining revival is reshaping portfolios in 2026
  • Eugene Komchuk
  • 29 min ago
Gordon Johnson: Tesla accused of presenting misleading Full Self-Driving safety data to European regulators
  • Jose Antonio Gastelum
  • 34 min ago
Sjuul Follings: BTC holds trend and breaks $65K level as predicted
  • Daria Chernytska
  • 34 min ago
Laura Shin: Bitcoin reaches 2-week high as U.S.-Iran deal eases rate fears
  • Ashutosh Sureka
  • 34 min ago
Market roughness must be seen to gain insight, Keith McCullough notes
  • Yaroslav Dmytrenko
  • 34 min ago
Natalie Brunell: SpaceX now holds 18,712 Bitcoin after going public
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.
Top News
  • Eugene Komchuk
  • 39 min ago
Nikkei index hits record high on U.S.-Iran agreement
Nikkei index hits record high on U.S.-Iran agreement
  • Ivan Andriyenko
  • 1 hour ago
Iran war adds pressure to European corporate bonds
Iran war adds pressure to European corporate bonds
  • Igor Krasulya
  • 3 hours ago
Anthropic block puts OpenAI, Google and Meta on alert
Anthropic block puts OpenAI, Google and Meta on alert
  • Olga Shendetskaya
  • 5 hours ago
U.S. futures jump as Iran deal lifts global markets
U.S. futures jump as Iran deal lifts global markets
  • Eugene Komchuk
  • 6 hours ago
Oil prices fall after announcement of U.S.-Iran agreement
Oil prices fall after announcement of U.S.-Iran agreement
Live News
  • Anton Kharitonov
  • Now
Bitcoin recovers amid easing geopolitical tensions
  • Mykhailo Ihnatenko
  • Now
Rolls-Royce approaches record highs as oil prices decline
  • Anton Kharitonov
  • Now
WTI falls to multi-week lows as Hormuz tensions ease
  • Anton Kharitonov
  • Now
Natural gas extends decline as geopolitical risk premium fades
  • Anton Kharitonov
  • Now
Euro recovers as easing Middle East tensions boost risk appetite
Who We Are
Business Solutions
For Users
TU News
Popular Sections
Disclosures
CONTACT US
Legal
We are in Social Media
© IAFT Ltd., 2010-2026 All rights to the website are owned by IAFT Ltd.,
Registration number - HE 336186
  • Risk disclosure:

    Information on the TradersUnion.com website is for informational purposes only and does not constitute any motive or suggestion to visitors to invest money. Moreover, we hereby warn you that trading on the Forex and CFD markets is always a high risk. According to the statistics, 75-89% of customers lose the funds invested and only 11-25% of traders earn a profit. Trading in futures and options carries substantial risk of loss and is not suitable for every investor.

    That is why you should only invest money that you are prepared — or can afford — to lose at such high risks. Tradersunion.com does not provide any financial services, including investment or financial advisory services. Also, the Traders Union is not a broker and does not get money for trading in the Forex or CFD markets. Our website only provides information on brokers and the markets and helps its users to select the best brokerage company based on detailed information and objective analysis of brokers.

  • Disclaimer:

    Traders Union (TradersUnion.com) shall not be liable for the consequences of trading decisions made by the Client and for the possible loss of his capital resulting from the use of this website and information published on it.

    Forex market, CFD and cryptocurrency trading involves high risks and is not suitable for everyone. Before investing money, you need to adequately assess the level of your expertise and be aware of the risks, particularly in the context of trading with leverage. The information on this website is not intended for distribution or use by any person in any country or jurisdiction, where such distribution or use would be in violation of the local law or regulation. Any payments by Traders Union (TradersUnion.com) to the users of our website shall be legally interpreted solely as an incentive on our part for the activity on the website in the form of a deduction of a part of the advertising income; they shall not be a subject of any claims of our users or our obligations, a subject of disputes, as well as cannot be considered in relation to the services provided to users by brokers, both in fact and in their completeness and volume. The administration of the website shall not be liable for the content of user comments and reviews about the companies and shall not verify whether the authors of the reviews are indeed real clients of a specific company. All reviews, both negative and positive are published on the website without verification of their reliability; only offensive reviews that call for violence or any kind of discrimination and also reviews published from one group of IP addresses are moderated and removed. The authors of the materials shall be fully liable for the accuracy, completeness and impartiality of any information in the articles and reviews, including in the context of their use or mention of any brand names or trademarks. All mentions of the names of companies and their brands in any materials on the website shall be made in the context of communication of socially important information to the people about their activities by independent journalists, who are the authors. All evaluations and indicators on the website express the subjective opinion of the authors of the reviews (articles) and shall not be viewed as accurate statements and be a subject of disputes and claims against Traders Union.

  • Disclosure of advertisers and revenues:

    All the services on the Tradersunion.com website are free for you to use. Our team spends thousands of hours per annum researching brokers and gathering information about them to help investors all over the world to choose reliable companies and to avoid fraudsters.

    Indeed, the curating, sourcing, and organization of this process requires substantial financial investment by Tradersunion.com, which the website earns in the form of advertising payments. There are two types of advertising services on the website — direct advertising or partner (broker) participation programs. However, no services purchased by our partners shall affect the recommendations on our website, or our opinions, or ratings. Our ratings are based on our objective rating criteria and methodology; and the results are always equally and fairly applied to each broker. The work of our content authors and research groups does not involve any interaction with our advertisers and they do not have access to data concerning the amount of advertising purchased. For over 10 years we consider our independence, absolute openness, and objectivity as our main priority. Please follow the links to each of our affiliated broker’s websites. This will help Tradersunion.com to continue to provide our services to you for free.

onepercentfortheplanet.org World Association of News Publishers https://gdpr.eu/ GDPR