Overview
- Trust Wallet says the issue was confined to Chrome extension version 2.68 and instructs users to disable it and update to version 2.69; it says mobile and other extension versions are unaffected.
- Security firms report that v2.68 included malicious logic that decrypted stored mnemonics and transmitted them to an attacker server at api.metrics-trustwallet[.]com.
- PeckShield reports about $2.8 million remains in attacker wallets while more than $4 million was funneled to centralized services including ChangeNOW, FixedFloat, and KuCoin.
- Trust Wallet confirms roughly $7 million was impacted and pledges full reimbursement, with CZ stating user funds are SAFU as investigators probe how the compromised update was submitted.
- BleepingComputer observed copycat phishing sites such as fix-trustwallet[.]com seeking seed phrases, and Trust Wallet urges users to follow only official support channels.