A major security incident has hit Trust Wallet users, with over $7 million reported stolen since Christmas Day. The breach specifically targeted version 2.68 of the Trust Wallet Chrome extension. Users are being urged to immediately update to version 2.69 to secure their assets.
Business Impact
This highlights the extreme risk of “hot wallets” used on browser extensions. For corporate finance teams or crypto-focused clients in Bahrain, this serves as a reminder that browser-based tools are highly susceptible to supply-chain attacks and code injection. A $7 million loss is a significant blow to platform reputation during the holiday peak.
Why It Happened
The breach involved a vulnerability in the extension’s code that allowed attackers to intercept private keys or recovery phrases during specific wallet interactions. The spike in “drained” addresses was first flagged by on-chain analysts on Dec 25.
Recommended Executive Action
Mandate that any staff using Trust Wallet for business purposes verify their extension version immediately. Recommend moving high-value assets to “cold storage” or hardware wallets, which are not susceptible to browser extension vulnerabilities.
Hashtags: #TrustWallet #CryptoHeist #Web3 #ChromeExtension #Binance #BlockchainSecurity #InfoSec