When a wallet provider says self custody, users expect the software layer to be airtight. That trust took a hit this week after Trust Wallet confirmed a malicious update to its Chrome browser extension led to the theft of roughly $7 million in digital assets. Now, the company says it is moving fast to make affected users whole.
Two days after discovering the breach, Trust Wallet announced it has launched a formal compensation process for victims impacted by the compromised version 2.68 of its Chrome extension.
How the Compensation Process Works
Trust Wallet has opened an official claims portal where affected users can submit details related to the attack. The form asks for basic identification information such as email address and country, along with technical evidence including compromised wallet addresses, attacker receiving addresses, and transaction hashes.
The company says every submission will be individually reviewed. According to Trust Wallet, this verification is essential to prevent errors, false claims, or further abuse of the situation.
In a public statement, the company said it is working around the clock to finalize compensation and ensure accuracy while maintaining security throughout the process.
What Was Stolen and Where the Funds Went
The breach resulted in losses across multiple blockchains, including Bitcoin, Ethereum, and Solana. Blockchain security firm PeckShield estimates that over $4 million of the stolen funds have already passed through centralized exchanges such as ChangeNOW, FixedFloat, and KuCoin.
As of the latest onchain data, roughly $2.8 million remains in wallets controlled by the attacker.
Adding reassurance for users, Changpeng Zhao, founder of Binance, confirmed publicly that all verified losses will be covered.
In a post on X, Zhao stated that approximately $7 million was affected and that Trust Wallet will fully compensate users, emphasizing that user funds remain SAFU.
How the Attack Happened
The incident first surfaced after onchain investigator ZachXBT warned on Telegram that multiple Trust Wallet users were reporting drained balances shortly after installing the December 24 update.
Trust Wallet’s internal investigation revealed that a leaked Chrome Web Store API key was used to publish the malicious extension update at 12:32 p.m. UTC on December 24. This allowed the attackers to bypass the company’s internal release controls.
Security firm SlowMist later identified the malicious code, which leveraged a modified open source analytics library to harvest wallet seed phrases. Once compromised, attackers could quickly drain funds without further user interaction.
Who Was Affected and Who Was Not
Only users of the Chrome extension running version 2.68 were impacted. Trust Wallet pushed a patched release, version 2.69, on December 25. According to CEO Eowyn Chen, users who logged into the extension before December 26 at 11 a.m. UTC were potentially exposed.
Mobile app users and those using other browser versions of the extension were not affected. The Chrome extension alone has close to one million users, according to its Web Store listing.
Warning Against Fake Compensation Scams
Trust Wallet is also urging users to stay alert. In the aftermath of the breach, fake compensation forms and impersonation scams have already begun circulating. The company stressed that claims should only be submitted through its official support portal and warned users not to share recovery phrases or private keys under any circumstances.
What This Means Going Forward
This incident is a reminder that even well known wallet providers remain exposed to supply chain risks, especially through browser extensions. While Trust Wallet’s decision to fully compensate users helps restore confidence, the breach underscores how a single leaked credential can cascade into millions in losses.
For users, the lesson is simple but uncomfortable. Updates matter, verification matters, and browser extensions remain one of the softest targets in the crypto ecosystem.
Source: https://cryptoticker.io/en/trust-wallet-begins-compensation-for-victims-of-dollar7-million-browser-extension-hack/
