• Home
  • cyber
  • Binance: Trust Wallet users lost nearly $7 million due to an exploit.
cyber Cyber Attack

Binance: Trust Wallet users lost nearly $7 million due to an exploit.

Dec 26, 2025 2 min read
Binance: Trust Wallet users lost nearly $7 million due to an exploit.

**Trust Wallet Browser Extension Exploit Targets Cryptocurrency Users**

Trust Wallet, a popular cryptocurrency wallet provider, disclosed a security breach affecting users of its browser extension version 2.68. The vulnerability, which remained active for several days, was first flagged on December 24 after blockchain researcher ZachXBT detected unusual fund outflows from compromised wallets.

The exploit specifically impacted users who entered private keys into the vulnerable extension, leading to unauthorized access and theft of assets. Affected cryptocurrencies included Ethereum (ETH), Bitcoin (BTC), and Solana (SOL), with some victims losing funds stored for years. The attacker funneled stolen tokens through intermediate addresses before cashing out via exchanges like KuCoin, HTX, ChangeNOW, and FixedFloat.

Trust Wallet confirmed that only the browser extension was affected, urging users to disable version 2.68 and upgrade to version 2.69. Mobile and desktop versions remained secure. The company is investigating how the malicious version was uploaded to app stores under its official brand.

In response, Changpeng Zhao (CZ), founder and former CEO of Binance, announced that all affected users would receive compensation. The full scope of the breach and the attack vector remain under investigation.

Source: https://happycoin.club/en/iz-za-inczidenta-s-bezopasnostyu-polzovateli-trust-wallet-lishilis-7-mln/

Binance cybersecurity rating report: https://www.rankiteo.com/company/binance

"id": "BIN1766986758",
"linkid": "binance",
"type": "Cyber Attack",
"date": "12/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 'Users of Trust Wallet browser '
                                              'extension v2.68',
                        'industry': 'FinTech, Cryptocurrency',
                        'name': 'Trust Wallet',
                        'type': 'Cryptocurrency Wallet Provider'}],
 'attack_vector': 'Malicious browser extension update',
 'customer_advisories': 'Users advised to disable the vulnerable extension, '
                        'withdraw funds via desktop/mobile, and avoid entering '
                        'private keys in the extension.',
 'data_breach': {'personally_identifiable_information': 'Private keys '
                                                        '(potential for '
                                                        'identity theft)',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Private keys'},
 'date_detected': '2023-12-24',
 'description': 'Cryptocurrency wallet Trust Wallet reported a security '
                'incident affecting version 2.68 of its browser extension. '
                'Users were advised to disable the extension and upgrade to '
                'version 2.69. The mobile version was unaffected. The incident '
                'involved attackers uploading a vulnerable version of the '
                "wallet to the app store under Trust Wallet's official brand.",
 'impact': {'brand_reputation_impact': 'Yes',
            'data_compromised': 'Private keys',
            'identity_theft_risk': 'High (private keys exposed)',
            'operational_impact': 'Users advised to avoid using the vulnerable '
                                  'extension',
            'payment_information_risk': 'High (cryptocurrency wallets drained)',
            'systems_affected': 'Trust Wallet browser extension (v2.68)'},
 'initial_access_broker': {'entry_point': 'Malicious browser extension update',
                           'high_value_targets': 'Cryptocurrency wallets '
                                                 '(Ethereum, BTC, Solana)'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'post_incident_analysis': {'corrective_actions': 'Release of patched version '
                                                  '(v2.69) and user '
                                                  'advisories.',
                            'root_causes': 'Attackers uploaded a vulnerable '
                                           'version of the wallet to the app '
                                           "store under Trust Wallet's "
                                           'official brand.'},
 'recommendations': 'Users should avoid entering private keys in browser '
                    'extensions and use desktop/mobile versions instead. '
                    'Regularly update wallet software.',
 'references': [{'source': 'ZachXBT (Blockchain Researcher)'}],
 'response': {'communication_strategy': 'Public advisory to users',
              'containment_measures': 'Users advised to disable the vulnerable '
                                      'extension and upgrade to v2.69',
              'remediation_measures': 'Release of patched version (v2.69)'},
 'stakeholder_advisories': 'Trust Wallet team and Binance (former CEO) advised '
                           'users to upgrade and offered compensation.',
 'title': 'Trust Wallet Browser Extension Security Incident',
 'type': 'Supply Chain Attack',
 'vulnerability_exploited': 'Vulnerable version of Trust Wallet browser '
                            'extension (v2.68)'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.