Trust Wallet Chrome Extension Supply‑Chain Hack Drains ~$7M — Binance Promises Full Reimbursements

A supply‑chain attack on Trust Wallet’s Chrome browser extension (v2.68) was disclosed on 26 December 2025 after an official update injected malicious code that phished seed phrases and drained users’ wallets. Approximately $6.7–7.0 million across Bitcoin, Ethereum and Solana was stolen from hundreds of addresses, with individual losses ranging from ~ $50,000 up to $3.5 million. On‑chain investigators (ZachXBT, Lookonchain and others) traced laundering routes through services such as ChangeNOW and FixedFloat and observed funds moving towards exchanges including KuCoin and HTX. Trust Wallet released v2.69 to remove the malicious code, advised users to uninstall v2.68, assume seed compromise and migrate assets to new wallets; mobile Trust Wallet and core private‑key infrastructure were reported unaffected. Binance founder Changpeng Zhao confirmed Binance (owner of Trust Wallet) will fully reimburse verified victims and said core systems remain secure. For traders: expect short‑term sell pressure and heightened caution around browser‑extension custody, possible exchange inflows as attackers cash out, and a spike in on‑chain monitoring activity. Actionable steps: monitor on‑chain movement and exchange deposit flows (KuCoin, HTX), avoid interacting with suspicious extensions, and advise affected counterparties to move funds to new wallets or hardware wallets. Primary keywords: Trust Wallet, Chrome extension hack, supply‑chain attack; secondary keywords: seed phrase theft, Binance reimbursement, wallet security.