Trust wallet
December 24, 2025
•[ supply chain attack, cryptocurrency theft, malicious browser extension ]
Trust Wallet said a December 24, 2025 incident led to roughly $8.5M stolen from more than 2,500 crypto wallets after attackers published a malicious version of its Chrome extension (v2.68.0) containing a JavaScript payload that collected sensitive wallet data and enabled unauthorized transactions. Trust Wallet stated that developer GitHub secrets were exposed, giving the attacker access to extension source code and a Chrome Web Store API key; with that key, the attacker could upload builds directly, bypassing Trust Wallets internal approval/manual review process. Trust Wallet said it revoked release APIs, coordinated registrar action to suspend attacker domains used to host malicious code, began reimbursing affected users, and warned about impersonation scams targeting victims.
