Blockchain investigator ZachXBT issued a community alert on December 25, reporting that multiple users of the popular Trust Wallet had experienced unauthorized fund outflows within the past few hours. Affected users stated that assets were drained from their wallet addresses without their approval.
The exact root cause of the security incident remains unconfirmed. However, the timing has raised significant concerns, as the reports followed a recent update to Trust Wallet's Chrome browser extension that was released just a day earlier. ZachXBT has begun collecting wallet addresses linked to the suspected thefts and has asked affected users to come forward as the investigation continues.
While Trust Wallet has not yet issued a detailed technical explanation or official statement, the situation has renewed scrutiny around the security of browser-based crypto wallets. Security researchers have long warned that Chrome extensions operate with elevated permissions, making them a potential attack vector. A single malicious update or a compromised dependency can expose users to significant risk.
This incident occurs against a backdrop of increasing threats targeting browser extensions. Recent months have seen several high-profile cases, including fake wallet extensions designed to capture seed phrases and malicious trading "helper" extensions that modify transaction instructions to siphon funds. Cybersecurity campaigns have also involved seemingly legitimate extensions that were later updated to inject malicious scripts.
In response to the alert, the crypto community is urging users to review recent transactions, revoke unnecessary permissions, and avoid signing new transactions until more clarity emerges. Those who suspect their wallet may be compromised are advised to move remaining funds to a new wallet created from a fresh seed phrase. At the time of reporting, a wallet address linked to the suspected thefts contained approximately $2.4 million worth of cryptocurrency.
