Trust Wallet users are facing disruptions as the company's browser extension remains temporarily unavailable on the Google Chrome Web Store due to a technical issue. The delay has prevented the release of critical verification tools designed to help victims of a recent security breach claim reimbursements.
CEO Eowyn Chen confirmed that the extension was removed because of a bug on the Chrome Web Store while attempting to release a new version. The updated version was intended to include features allowing users to submit verification codes directly from the extension, streamlining the reimbursement process for those affected by the Christmas Day security incident.
The delayed release carries significant implications. Trust Wallet has identified 2,596 affected wallet addresses from the December breach, yet the company has received approximately 5,000 reimbursement claims. This discrepancy suggests a substantial number of false or duplicate submissions attempting to access victim reimbursements, according to Chen’s statement on social media platform X.
The CEO warned users to stay alert to fake Trust Wallet browser extensions on the Chrome Web Store until the official latest version becomes available. This caution highlights the vulnerability of users during service outages, when malicious actors often attempt to exploit confusion by distributing counterfeit extensions.
Christmas Day Security Breach Details
The Trust Wallet incident that necessitated the verification tool occurred on Christmas Day, resulting in over $7 million drained from user accounts. The company revealed that approximately $8.5 million in cryptocurrency assets were drained from 2,520 wallet addresses controlled by attackers. Trust Wallet has committed to reimbursing all verified victims of the breach.
According to the company’s incident report, the attack was traced back to the Shai-Hulud supply chain exploit that affected multiple companies across the cryptocurrency industry. Trust Wallet’s developer GitHub secrets were leaked in the incident, providing attackers with access to its source code and the Chrome Web Store API key. This access allowed threat actors to bypass standard security protocols.
The attackers used the compromised API key to upload a malicious version of the Trust Wallet browser extension, version 2.68, directly to the Chrome Web Store. The tampered extension included hidden code capable of extracting user recovery phrases and executing unauthorized transactions across multiple blockchains including Bitcoin, Ethereum, and Solana.
Security researchers at SlowMist identified that the malicious code was embedded within the extension’s analytics logic, designed to harvest wallet seed phrases through a modified analytics library. Users who installed version 2.68 and logged into their wallets between December 24 and December 26 were potentially affected.
Blockchain security firm PeckShield reported that more than $4 million of the stolen funds had already moved through centralized exchanges including ChangeNOW, FixedFloat, and KuCoin, while approximately $2.8 million remained in attacker-controlled wallets as of late December.
Several industry observers, including intergovernmental blockchain adviser Anndy Lian, suggested the hack showed signs of insider involvement. Binance co-founder CZ echoed similar concerns, noting the attacker’s familiarity with Trust Wallet’s code structure suggested internal knowledge. However, Trust Wallet’s investigation attributes the breach to the broader Shai-Hulud supply chain attack rather than confirming insider involvement.
The incident underscores ongoing security challenges facing browser-based cryptocurrency tools and hot wallets connected to the internet. Extension-based wallets remain attractive targets for attackers due to their convenience and widespread adoption in decentralized finance applications.
Trust Wallet has released a clean version 2.69 of the extension, disabled compromised publishing credentials, and implemented enhanced security measures. The company stated it is prioritizing user protection while working to restore full functionality through official channels.
Users currently requiring Trust Wallet services are advised to use the mobile applications available on iOS and Android platforms, which were not affected by the browser extension compromise. The company emphasized that updates will only be communicated through verified Trust Wallet accounts and official support websites.

