Serious bug in Trust Wallet extension: how $6 million in crypto was put at risk and why the update to version 2.69 became urgent
What happened: Blockchain researchers and users documented a massive loss of funds this week tied to a specific version of the browser extension for a popular non-custodial wallet. According to preliminary estimates by analysts, the losses amounted to over $6 million across various blockchains, and the number of affected wallets reached several hundred. The company responded promptly by removing the problematic version and releasing a critical fix.
Trust Wallet Extension: when security proved vulnerable
The company officially announced the discovery of a critical security flaw that affected only Browser Extension version 2.68. The issue forced the company to urgently disable the extension and roll out an update to version 2.69, available through the official Chrome Web Store.
It is important to note that the flaw did not affect:
The company instructed users to immediately cease using 2.68 and refrain from opening the extension until the fix was installed.
Thieves stole funds immediately after authorization
The first indication of the problem came from independent researchers who noticed anomalous asset movements from users who had recently interacted with the Chrome extension. Victims reported that their funds were withdrawn instantly after they authorized transactions within the extension.
The thefts involved several blockchains:
The close timing between the release of version 2.68 and the start of the thefts pointed to a direct causal link. Although Trust Wallet did not disclose exact amounts, researchers identified about a hundred accounts with abnormal spending.
Suspected compromise in the distribution chain
Security experts speculate about the possible injection of malicious code during the development or distribution process of version 2.68. If attackers managed to influence the build or dissemination stage of the extension, they could have gained access to intercept critical wallet operations — such as signing transactions or session confirmations.
This theory is consistent with the anonymous transfers to unknown addresses that users observed, with no other visible anomalies. Trust Wallet announced that an investigation has been initiated and promised to disclose more detailed findings later.
User action sequence
The wallet recommended urgent measures:
The company emphasized the importance of downloading updates solely through the official Chrome store, not via alternative sources.
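A version check for the advice above, as an added example that is not code from Trust Wallet or from the original article: it walks a Chrome profile's `Extensions` directory and classifies each unpacked copy of one extension as 2.68 (affected) or 2.69 and later (fixed). The extension ID is a placeholder because the article does not give one, and the directory tree built in `demo()` is constructed.

```python
import json
import tempfile
from pathlib import Path

AFFECTED = (2, 68)  # version the article names as flawed
FIXED = (2, 69)     # version the article names as the fix

def parse_version(text):
    """Turn '2.68' or '2.68.0' into a comparable tuple of ints."""
    return tuple(int(part) for part in text.strip().split("."))

def audit_extension(extensions_root, extension_id):
    """Classify every unpacked copy of one extension found under
    <extensions_root>/<extension_id>/<version>_<n>/manifest.json."""
    findings = []
    base = Path(extensions_root, extension_id)
    for manifest in sorted(base.glob("*/manifest.json")):
        try:
            data = json.loads(manifest.read_text(encoding="utf-8"))
            version = parse_version(str(data["version"]))
        except (OSError, ValueError, KeyError, TypeError):
            findings.append((manifest.parent.name, "unreadable"))
            continue
        if version[:2] == AFFECTED:
            status = "affected"
        elif version[:2] >= FIXED:
            status = "fixed"
        else:
            status = "other"
        findings.append((manifest.parent.name, status))
    return findings

def needs_action(findings):
    """True when any copy is the affected release or could not be read."""
    return any(status in ("affected", "unreadable") for _, status in findings)

def demo():
    """Run the audit over a constructed directory tree (not real user data)."""
    ext_id = "EXTENSION_ID_PLACEHOLDER"  # placeholder: the article gives no ID
    with tempfile.TemporaryDirectory() as root:
        for folder, version in (("2.68_0", "2.68"), ("2.69_0", "2.69")):
            target = Path(root, ext_id, folder)
            target.mkdir(parents=True)
            (target / "manifest.json").write_text(json.dumps({"version": version}))
        return audit_extension(root, ext_id)

if __name__ == "__main__":
    for folder, status in demo():
        print(folder, status)
```

Chrome can briefly keep the previous version's folder beside the new one after an update, which is why the audit reports every copy rather than only the newest.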
Systemic vulnerability in the crypto wallet world
This incident reveals a deeper issue: even self-custodial wallets can become targets if their distribution channels are compromised. Browser extensions pose particular risks:
Unlike vulnerabilities in smart contracts, a wallet compromise involves no on-chain protection mechanisms, and the losses are irreversible. Considering that Trust Wallet has over 220 million users worldwide, even issues limited to a single version could have a long-lasting reputational impact.