W3BStation
Markets
BTC $96,420 +2.34% ETH $3,280 +1.82% SOL $185.40 -0.92% BNB $642.50 +0.45% XRP $2.18 +3.12% DOGE $0.082 -1.50% ADA $1.05 +0.80% AVAX $42.10 +1.15%
BTC $96,420 +2.34% ETH $3,280 +1.82% SOL $185.40 -0.92% BNB $642.50 +0.45% XRP $2.18 +3.12% DOGE $0.082 -1.50% ADA $1.05 +0.80% AVAX $42.10 +1.15%
12/26/2025

Trust Wallet Pledges to Reimburse $7 Million Stolen in Christmas Day Hack, Insider Involvement Suspected

In a development drawing major attention across the crypto community, Trust Wallet confirmed that users lost approximately $7 million in an attack that took place on Christmas Day. The incident involved browser extension version 2.68, which had been injected with malware affecting desktop users. Trust Wallet urged users to immediately upgrade to version 2.89. Notably, Changpeng Zhao (CZ) — co-founder of Binance, which owns Trust Wallet — announced on X that all los

Trust Wallet Pledges to Reimburse $7 Million Stolen in Christmas Day Hack, Insider Involvement Suspected

In a development drawing major attention across the crypto community, Trust Wallet confirmed that users lost approximately $7 million in an attack that took place on Christmas Day. The incident involved browser extension version 2.68, which had been injected with malware affecting desktop users. Trust Wallet urged users to immediately upgrade to version 2.89.

Notably, Changpeng Zhao (CZ) — co-founder of Binance, which owns Trust Wallet — announced on X that all losses would be reimbursed to affected users.

According to analysis by blockchain security firm SlowMist, the attack was not spontaneous but had been carefully planned since December 8. The attacker planted a backdoor on December 22 and began draining funds on December 25, which triggered its detection. Beyond stealing assets, the malware also collected users' personal data and sent it to the hackers' servers.

On-chain analyst ZachXBT reported that hundreds of Trust Wallet users were affected. Several industry experts believe the incident most likely involved an insider, given that the attacker had sufficient access to push a malicious extension version to the distribution system.

CZ also agreed that the likelihood of internal involvement was "very high." SlowMist assessed that the hacker had deep familiarity with Trust Wallet's source code, which allowed them to embed the backdoor without early detection.

As crypto wallet attacks have surged in recent months, this incident serves as yet another warning for users to exercise extreme caution — carefully vetting extensions, keeping software up to date, and securing their personal assets.

Recommendations:

  • Immediately upgrade the Trust Wallet extension to v2.89
  • Avoid using older versions
  • Review your wallet & transaction history
  • Proactively protect your personal information

Crypto always carries inherent risk — users need to stay informed and take a more careful approach to protecting their digital assets.