Trust Wallet Users at Risk? ZachXBT Flags Security Warning

Blockchain investigator ZachXBT reported on December 25 that multiple Trust Wallet users experienced unauthorized fund outflows within the past few hours. 

Affected users say assets were drained from their wallet addresses without approval.

Sponsored

SponsoredMajor Security Warning For Trust Wallet Users?

According to ZachXBT, the exact root cause remains unconfirmed. However, the timing has raised concerns. Today’s incidents followed a recent update to Trust Wallet’s Chrome extension that was released a day earlier. 

ZachXBT has begun collecting wallet addresses linked to the suspected thefts and asked affected users to come forward as the investigation continues.

ZachXBT Issues Community Alert for Trust Wallet Users on His Telegram Group

Trust Wallet has since confirmed a security incident affecting Trust Wallet Browser Extension version 2.68 only.

In a public statement, the company said users running version 2.68 should disable the extension immediately and upgrade to version 2.69 via the official Chrome Web Store.

We’ve identified a security incident affecting Trust Wallet Browser Extension version 2.68 only. Users with Browser Extension 2.68 should disable and upgrade to 2.69.

Please refer to the official Chrome Webstore link here: https://t.co/V3vMq31TKb

Please note: Mobile-only users…

— Trust Wallet (@TrustWallet) December 25, 2025
Sponsored

SponsoredChrome Extensions Continue to Drive Wallet Security Concerns

Chrome extensions operate with elevated permissions. Security researchers have repeatedly warned that a single malicious update or compromised dependency can expose users to significant risk.

Recent months have already seen several high-profile extension-related wallet threats. 

Security firms previously flagged fake wallet extensions designed to capture seed phrases, allowing attackers to fully recreate wallets and drain funds later. 

Recently Reported Fake Chrome Extensions that Drain Crypto Wallets. Source: The Hacker News

In other cases, malicious trading “helper” extensions quietly modified transaction instructions, siphoning small amounts of crypto each time a user approved a swap.

More broadly, cybersecurity researchers have documented campaigns involving seemingly legitimate browser extensions that were later updated to inject scripts, reroute traffic, or harvest sensitive data. 

While not always crypto-specific, such capabilities can be repurposed to target wallet sessions, sign-in flows, or transaction approvals.

Against that backdrop, the Trust Wallet reports have triggered immediate concern across the crypto community. 

Users are being urged to review recent transactions, revoke unnecessary permissions, and avoid signing new transactions until more clarity emerges. 

Those who suspect compromise are advised to move remaining funds to new wallets created from fresh seed phrases.