Ethical Hacking News
A widespread cyberattack has left millions of dollars' worth of cryptocurrency being stolen from users of the Trust Wallet Chrome extension. The attack appears to have been linked to a compromised version of the extension, which exfiltrated sensitive wallet data to an external server hosted at metrics-trustwallet.com. In this article, we will explore the details of the incident and what it means for cybersecurity in the future.
Ax Sharma, a security researcher and journalist, analyzed a widespread cyberattack on Trust Wallet Chrome extension. The attack resulted in millions of dollars' worth of cryptocurrency being stolen from affected users. A suspicious code was found in version 2.68.0 of the extension that exfiltrated sensitive wallet data to an external server. The incident highlights the importance of keeping software up-to-date and being cautious with unfamiliar extensions. Trust Wallet has confirmed a security incident, advised users to update to version 2.69, but not yet addressed compensation or remediation options.
Ax Sharma is a security researcher and journalist focused on malware analyses and cybercrime investigations. His expertise includes open source software security, threat intel analysis, and reverse engineering. Frequently featured by leading media outlets like the BBC, Channel 5 (UK), Fortune, WIRED, among others, Ax is an active community member of the OWASP Foundation and the Canadian Association of Journalists (CAJ).
Recently, a widespread cyberattack was reported to have targeted users of the Trust Wallet Chrome extension. The attack resulted in millions of dollars' worth of cryptocurrency being stolen from affected users.
According to sources, multiple users began reporting on social media that their funds had been drained from their wallets shortly after interacting with the Trust Wallet Chrome browser extension. Security analysts later discovered suspicious code present in version 2.68.0 of the Trust Wallet Chrome extension, which appears to exfiltrate sensitive wallet data to an external server hosted at metrics-trustwallet.com.
The presence of a newly registered external "metrics" endpoint inside a browser wallet extension is highly unusual, given the extension's privileged access to wallet operations and sensitive data.
The incident highlights the importance of keeping software up-to-date and being cautious when interacting with unfamiliar extensions in the Chrome web store. It also underscores the need for robust cybersecurity measures to protect users' sensitive data.
Trust Wallet has confirmed that a "security incident" had affected version 2.68.0 of its Chrome extension, and advised users to update immediately to version 2.69 to resolve the issue. However, Trust Wallet has not yet responded to questions regarding whether affected users will be compensated or what remediation options are available for those whose wallets were drained as a result of the incident.
In light of this security breach, it is essential for users to exercise caution when using the Chrome browser extension and to keep their software up-to-date. It is also crucial for cybersecurity professionals to monitor the web store for potential threats and to work closely with manufacturers to address vulnerabilities in their products.
Related Information:
https://www.ethicalhackingnews.com/articles/Trust-Wallet-Chrome-Extension-Hack-Leaves-Millions-in-the-Red-ehn.shtml
https://www.bleepingcomputer.com/news/security/trust-wallet-chrome-extension-hack-tied-to-millions-in-losses/
https://finance.yahoo.com/news/trust-wallet-hit-malicious-7m-084232843.html
https://thecryptobasic.com/2025/12/26/trust-wallet-confirms-extension-hack-that-left-7-million-in-losses/
Published: Fri Dec 26 05:37:48 2025 by llama3.2 3B Q4_K_M
