Trust Wallet launches compensation process for $7 million browser extension hack victims
Trust Wallet on Friday announced it has launched a formal compensation process for victims of a security incident affecting its Chrome browser extension, two days after malicious code was discovered embedded in version 2.68 of the software.Affected users can submit claims through an official support form hosted on Trust Wallet's portal. The process asks victims to provide their email address, country of residence, compromised wallet addresses, the attacker's receiving addresses, and relevant transaction hashes. Trust Wallet has pledged to compensate all affected users. "We are working around the clock to finalize the compensation process details and each case requires careful verification to ensure accuracy and security," Trust Wallet wrote on X. The wallet provider confirmed that approximately $7 million in digital assets were stolen across multiple blockchains, including bitcoin, ether, and solana. According to blockchain security firm PeckShield, more than $4 million of the stolen funds had already been moved through centralized exchanges including ChangeNOW, FixedFloat, and KuCoin, while approximately $2.8 million remained in the attacker's wallets as of Thursday.Changpeng Zhao, founder of Binance, which acquired Trust Wallet in 2018, confirmed on X that the company will cover all affected losses. "So far, $7m affected by this hack. TrustWallet will cover," Zhao wrote, adding that user funds "are SAFU."The incident came to light after onchain investigator ZachXBT issued an alert on Telegram on Christmas Day warning that multiple Trust Wallet users had reported funds being drained shortly after the extension's Dec. 24 update, The Block previously reported. Trust Wallet pushed a fix in version 2.69 on Dec. 25, with Trust Wallet CEO Eowyn Chen noting that users who logged into the extension before Dec. 26 at 11 a.m. UTC were potentially affected.Chen said the company's investigation found that a leaked Chrome Web Store API key was used to publish the compromised extension on Dec. 24 at 12:32 p.m. UTC, bypassing Trust Wallet's standard internal release process. The malicious code, identified by security firm SlowMist, was designed to harvest wallet seed phrases using a modified open-source analytics library. Mobile app users and those running other versions of the browser extension were not affected by the incident. Trust Wallet's Chrome extension has approximately one million users according to its Web Store listing.Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.