Trust Wallet users hit by mystery hack as more than $6M drained

Reports of a major security incident involving Trust Wallet spread rapidly on social media on Thursday, with hundreds of users claiming their funds were suddenly drained.

Blockchain security influencer ZachXBT first flagged the issue, stating that multiple Trust Wallet users had reported unexplained losses.

According to ZachXBT, the scale of the incident quickly escalated, with total losses exceeding $6 million across affected wallets.

The stolen assets reportedly include Bitcoin, Solana-based tokens and several EVM-compatible tokens.

ZachXBT said the number of victims had risen into the hundreds as more users came forward with similar complaints.

The exact cause of the breach remains unconfirmed, adding to uncertainty among Trust Wallet users.

An X user known as Akinator suggested the incident may be linked to a supply chain attack tied to a recent update of Trust Wallet’s browser extension.

Akinator alleged that the December 24 update introduced hidden code disguised as analytics software.

A recent update added hidden code that silently sends wallet data outside. It pretends to be analytics, but it tracks wallet activity and triggers when a seed phrase is imported.

Akinator said.

Several social media reports appear to support this claim, with users stating their funds were withdrawn shortly after entering seed phrases into the browser extension.

ZachXBT said he hoped Trust Wallet would compensate affected users if the investigation confirms responsibility lies with the wallet provider.

The incident has reignited concerns about browser extensions and their security risks within the crypto ecosystem.

Threat researcher Vladimir S. claimed he contacted a Trust Wallet team member anonymously regarding the issue.

From what I know, if you have the TW extension in Google and you have money there, disconnect the computer on which it is installed from the network and the Internet. This will minimise damage.

Vladimir S. said.

Vladimir S. added that such steps could help prevent further losses while the situation is being assessed.

Vladimir S. stated that Trust Wallet is investigating the reports and is expected to provide updates soon.

The lack of immediate clarity has fuelled anxiety among users who rely on Trust Wallet for asset storage.

The incident highlights ongoing security challenges facing self-custody wallet providers amid rising adoption.

Market participants are now closely watching for confirmation of the attack’s origin and any potential remediation measures.

At the time of reporting, Bitcoin price was $89,035.65.