Trust Wallet Security Breach Impacts Users
- Trust Wallet Chrome extension breach impacts $7M in user funds.
- Full refunds promised to all affected users.
- Security enhancements underway for future prevention.
Trust Wallet has confirmed a major security breach in its Chrome extension version 2.68, affecting approximately $7 million in user funds.
The incident highlights the vulnerabilities in browser extension security, prompting a commitment from Trust Wallet to reimburse affected users, while impacting the market’s perception of browser-based wallets.
Trust Wallet revealed a security breach in its Chrome browser extension version 2.68. Approximately $7M in user funds were impacted. The company confirmed this on their official X (formerly Twitter) account, ensuring full refunds for affected users.
Trust Wallet, a non-custodial wallet acquired by Binance in 2018, faced a compromise in its Chrome extension. CEO Eowyn Chen reported the unauthorized version bypassed release checks via a stolen Chrome Web Store API key, leading to security vulnerabilities.
Eowyn Chen, CEO, Trust Wallet, “The hacker used a leaked Chrome Web Store API key to submit the malicious extension version v2.68.”[source]
The breach mainly affected users logging in before December 26, and mobile apps remained unaffected. This incident highlighted browser extension risks and sparked discussions on secure fund custody methods, such as hardware wallets, within the crypto community.
Financially, the breach included stolen assets across BTC, ETH, and Solana. The funds will be refunded by Trust Wallet, not transferred user losses. Regulatory frameworks for software security are indirectly reinforced due to tightened operational security requirements.
Enhanced security protocols are likely. Historical breaches point to the potential hardening of release pipelines and API key management. This incident could steer user preferences towards more secure wallet options, affecting wallet development and user trust metrics.
