Hackers Stole $4.3 Million Through Trust Wallet Update: Users Lose Cryptocurrencies Within Hours

On December 25, blockchain researcher ZachXBT reported massive cryptocurrency thefts from Trust Wallet wallets. Malicious actors stole over $4.3 million, with all incidents occurring within hours after updating the Chrome extension to version 2.68.0.

According to ZachXBT, several Trust Wallet users reported unauthorized fund outflows from their addresses without any confirmations from their side. Most concerning is the fact that all incidents occurred immediately after installing the new version of the Chrome browser extension.

How the Thefts Occurred

Analysis of blockchain transactions showed that malicious actors acted quickly and in an organized manner. Bitcoin, Ethereum, and BNB were instantly transferred from affected wallets without any gradual fund withdrawal. In all cases, users reported that their wallet balances were zeroed immediately after importing seed phrases into the new extension.

ZachXBT identified several addresses linked to suspected thefts, including 0x3b09A3c9aDD7D0262e6E9724D7e823Cd767a0c74, 0x463452C356322D463B84891eBDa33DAED274cB40, and 0xa42297ff42a3b65091967945131cd1db962afae4. These addresses received funds from multiple affected wallets.

Stolen Funds Distribution Scheme

Blockchain records confirm that exploiters used multiple recipient addresses. Funds were moved through several wallets following the same pattern. In all cases, transaction structures proved similar, indicating coordinated actions.

Researchers recorded high frequency of transfers between affected wallets, with activity concentrated precisely in the hours after the extension update deployment.

Warning for Users

Cybersecurity specialists have repeatedly warned about the risks of browser crypto wallets. Chrome extensions operate with elevated permissions, and one malicious update can put users under significant threat.

Users are strongly recommended to:

Review recent transactions
Revoke unnecessary permissions
Avoid signing new transactions until the situation is clarified
Transfer remaining funds to new wallets created with new seed phrases

Currently, Trust Wallet has not provided official explanations regarding the connection between the Chrome extension update and the incidents. The company has also not announced measures to resolve the issue or restore funds. The investigation continues based on blockchain data analysis.

Hackers Stole $4.3 Million Through Trust Wallet Update: Users Lose Cryptocurrencies Within Hours

How the Thefts Occurred

Stolen Funds Distribution Scheme

Warning for Users

AORUS ELITE 16: a versatile laptop for gaming, work, and study

Iron Argument: Laptop Stand with Removable Hub Canyon OnStand 2

COUGAR STRYDER: a classic chair with the durability of gaming models

Review of REAL-EL X-760: 65W Boombox with 16-Hour Battery Life and RGB

GIGABYTE AORUS FO32U2 now: one of the most interesting OLED monitors in Ukraine

Cougar Royal 150 Elite White: premium electric table without compromises

Cougar E-Star 140: affordable electric gaming desk with thoughtful ergonomics

Review of the REAL-EL RM-380W Mouse: Symmetrical Design and Desktop Access Button

Bloody GR585: Universal Wireless Headset with Up to 80 Hours of Battery Life

GIGABYTE announced the release of gaming monitors GO27Q24 and GO27Q24A