Trust Wallet users report fund drains as ZachXBT raises security concerns

Blockchain investigator ZachXBT reported that multiple Trust Wallet users experienced unauthorised fund outflows on 25 December.

Affected users said assets were drained from their wallet addresses without any transaction approvals.

ZachXBT said the exact cause of the incidents has not yet been confirmed.

The reports emerged shortly after Trust Wallet released an update to its Chrome browser extension.

The close timing between the update and the fund drains has raised concern within the crypto community.

ZachXBT said he is actively collecting wallet addresses linked to the suspected thefts as the investigation continues.

He urged affected users to come forward to help establish patterns and potential vectors of attack.

Trust Wallet has not issued a detailed technical explanation regarding the reported incidents.

The situation has renewed scrutiny over browser-based cryptocurrency wallets and extension security.

Chrome extensions operate with elevated system permissions that can expose users to higher risks.

Security researchers have long warned that malicious updates or compromised dependencies can lead to large-scale wallet breaches.

Recent months have seen several high-profile threats involving browser wallet extensions.

In some cases, fake wallet extensions were designed to steal seed phrases and later drain user funds.

Other malicious extensions posed as trading tools and subtly altered transaction details.

These attacks often siphoned small amounts of crypto during routine user approvals.

Cybersecurity researchers have also identified broader campaigns targeting popular browser extensions.

Legitimate extensions were later updated to inject malicious scripts or reroute web traffic.

Such techniques can be adapted to intercept wallet sessions or manipulate transaction approvals.

Against this backdrop, the Trust Wallet reports have triggered widespread alarm among users.

Community members have been advised to carefully review recent wallet transactions.

Users are being urged to revoke unnecessary permissions linked to browser extensions.

Security experts recommend avoiding signing new transactions until further clarity is provided.

Those who believe their wallet may be compromised are advised to move remaining funds immediately.

Best practice guidance includes transferring assets to a new wallet generated with a fresh seed phrase.

ZachXBT said caution is warranted until the root cause is clearly identified.

Trust Wallet has not confirmed whether the Chrome extension update is directly responsible.

The lack of confirmation has left users uncertain about the scope of potential exposure.

Analysts said the episode highlights ongoing security risks tied to browser-based crypto tools.

Extension-level attacks remain difficult to detect until losses are reported.

The incident has intensified calls for stronger safeguards and auditing of wallet software updates.

Market participants said transparency and rapid communication will be critical to restoring trust.

At the time of reporting, Bitcoin price was $89,069.09.