The funds of Trust Wallet users have been depleted due to a browser plugin security issue.

Approximately $7 million in digital assets have been depleted by thousands of Trust Wallet users following an unexpected issue with their Chrome extension. The incident, discovered at the end of the year, revealed a vulnerability that could allow attackers to access users’ private keys and facilitate unauthorized fund transfers.

How millions of pesos were drained in a short period

Trust Wallet, a cryptocurrency storage platform with over a million users worldwide, released a new version of their browser extension for Chrome. Within just a few hours after the update, users began reporting unauthorized transfers of their digital assets from their wallet addresses.

Onchain analyst ZachXBT was the first to alert the community about the security breach. In his Telegram post, he highlighted the incident where many users experienced empty accounts and provided initial evidence linking the new extension update to the problem.

The vulnerability targeted version 2.68 of the extension, where malicious code could infiltrate and gain access to users’ private keys. As a result, funds and crypto holdings that should have been protected by encryption and user-controlled security protocols were drained.

Immediate response and recovery plan

The wallet development team acted swiftly and released a verified solution. They advised all users not to open the problematic version and to update immediately to version 2.69, where the security flaw has been patched.

The key message from platform officials is that the lost funds will have a recovery plan. Trust Wallet leadership has committed to addressing the situation and providing compensation to affected users.

For mobile users and other versions of the browser extension, there is no direct risk since the vulnerability was isolated only to Chrome version 2.68.

The bigger story of crypto security threats

This incident is not an isolated problem in the industry. According to a comprehensive report by Chainalysis, total cryptocurrency thefts reached $6.75 billion in 2025. This highlights the ongoing rise of sophisticated attacks targeting digital asset owners.

The number of compromised personal wallets increased by 147% from the previous year—from 64,000 cases to 158,000 cases. Although more cases are being reported, the average amount stolen has decreased, reflecting changes in attack strategies by cyber threat actors.

Practical steps for wallet protection

Users should remain vigilant about their crypto holdings. First, always verify the legitimacy of any update before installing. Second, use additional security layers such as hardware wallets for long-term storage. Third, enable multi-factor authentication and password managers with high encryption standards.

Cryptocurrency wallets function as digital safes where private keys are the true keys to your assets. If malicious actors gain access to these keys, they can redirect your funds instantly, making constant vigilance essential in this industry.

Trust Wallet’s recognition does not necessarily mean the breach was due to security incompetence but rather the escalating nature of attacks that challenge all platforms. Their quick response demonstrates their commitment to user protection and transparency, which is critical in a time when trust in digital finance continues to be tested.