Trust Wallet suffered a major security vulnerability! Do not import mnemonic phrases and upgrade to 2.69 as soon as possible, at least $6 million has been stolen

👤 02mp@Penny 📅 2026-07-17 20:31:43

Trust Wallet confirmed this morning that browser extension version 2.68 has a fatal vulnerability, which will cause on-chain losses and users must immediately upgrade to 2.69.
(Preliminary summary: CZ retweet detonated the Trust Wallet token TWT soaring by 40%; pointing to the era of 1 billion Web3 users)
(Background supplement: What is the "Wallet as a Service" WaaS launched by Trust Wallet, analysis of advantages and disadvantages, can it become mainstream in the future? )

Cryptocurrency wallet Trust Wallet A major security alert was issued at around 6 a.m. today (26th), confirming that version 2.68 of its browser extension has a serious vulnerability, leading to the outflow of user assets. On-chain detective ZachXBT tracking shows that the number of victims has reached hundreds, and the loss was first estimated at about $6 million.

For users who haven't already updated to Extension version 2.69, please do not open the Browser Extension until you have updated. This may help to ensure the security of your wallet and prevent further issues.

— Trust Wallet (@TrustWallet) December 26, 2025

Vulnerability details and loss scale

The official notice pointed out that the affected objects are users who have installed version 2.68 extensions on the mobile version. Trust Wallet emphasized in the announcement:

"We have released a patch for version 2.69, please all browser extension users to upgrade immediately."

If you are also a Trust Wallet user and have installed version 2.68, "Please do not import the mnemonic phrase" and it is best to upgrade through the official link of the Chrome Online App Store. Mnemonic phrases imported in a contaminated environment are best treated as leaks, and it is best to create a new wallet and migrate the balance (it is recommended that assets be transferred to other brand wallets before the official problem is completely solved).

The malicious script 4482.js sneaked in through official updates

It is understood that the attacker inserted a file named 4482.js during the packaging process and claimed to be used for "Analytics". When it detects that the user enters the mnemonic phrase, it sends the data to the registered domain metrics-trustwallet.com, and then uses automated scripts to quickly withdraw assets from the EVM compatible chain, Bitcoin and Solana.

At present, individual victims have reported losses ranging from tens of thousands to hundreds of thousands of dollars. We will continue to track the official next step for potential compensation.

Rótulo:
compartilhar:
FB X YT IG
02mp@Penny

02mp@Penny

Editor de blockchain e criptoativos, com foco empolíticaAnálise e insights de conteúdo de domínio

Comentário (10)

Gwen 13dias atrás
The industry is still in its early stages.
Children 13dias atrás
The content of the article is informative and supports sharing.
Raymond 14dias atrás
The ecosystem will be more open in the future.
Finnegan 14dias atrás
At present, blockchain applications still need to be popularized.
Lloyd 20dias atrás
It is very systematically written and I have collected it.
Quinn 20dias atrás
A good point and worth paying attention to.
Florence 26dias atrás
The future narrative is still there, but implementation is more important.
Bob 32dias atrás
The author must have practical experience and his views are very solid.
Aaron 35dias atrás
Technological innovation is the driving force behind industry development.
Drew 39dias atrás
What are the main risks of liquidity mining in DeFi?

Adicionar comentário

Conteúdo popular