TrustWallet Chrome Extension don hack, drain ~7M$ by stealin seed phrases

Published: 2025-12-26 13:02:12 |

Di Binance-backed Trust Wallet Chrome extension (v2.68.0) bin compromise for Dec 24, 2025 after dem inject bad JavaScript wey hide as analytics (especially file 4482.js) inside the extension. The payload capture seed phrases and wallet activity when users import or open mnemonics, then dem send the data go lookalike domains wey carry TrustWallet metrics name. Attackers use the stolen seeds to restore wallets automatically and withdraw assets across Bitcoin, Solana, BNB Smart Chain and many EVM L2s without need for transaction approvals. About $7 million na taken and quickly dem consolidate am through services like ChangeNOW, FixedFloat, KuCoin and HTX. Trust Wallet release updated extension (v2.69.0), dem urge people make dem upgrade immediately or disable the extension, and dem talk say dem go refund affected users though details never finish. The incident show say e fit be supply‑chain or malicious code injection wey target browser extension imports and e highlight the big risk of seed phrases for browser wallets. Traders suppose treat am as warning: no dey use browser wallet extensions until updates don audit, move funds to hardware or official mobile wallets, rotate keys, monitor suspicious addresses, and expect short‑term downward pressure on affected tokens (including TWT). Main keywords: TrustWallet hack, seed phrase theft, browser extension malware; secondary keywords: Chrome extension compromise, wallet security, supply‑chain attack.

Bearish

Di hacking don spoil trust for inside Trust Wallet ecosystem and the TWT token. News say one Chrome extension wey many people dey use comot seed phrases and make about $7M waka increase short-term selling pressure for TWT as users and bots dey react to the security risk and uncertain refunds. Traders go likely shift holdings comot from assets wey dem see as risky, move into safer custody (hardware wallets or audited mobile apps) and reduce exposure to tokens wey depend on extensions. Liquidity for affected tokens fit thin as holders withdraw or consolidate, which go amplify volatility and downward price moves short-term. For medium-to-long term, the impact go depend on Trust Wallet remediation, clarity on refunds, and whether developers or marketplaces fit regain user confidence; if fixes and compensation clear and credible, the negative pressure fit ease. But repeated or visible supply-chain attacks usually keep investor risk premiums higher for the token and related extension-dependent assets.