Researchers and blockchain investigator ZachXBT have sounded the alarm over a potential supply‑chain compromise in the Trust Wallet browser extension after suspicious activity tied to a recent update.

What happened

- On 24 December a Trust Wallet browser‑extension update was released. By 25 December, posts on X (Twitter) from ZachXBT and other security researchers flagged code in that update that they say could quietly exfiltrate wallet data when users import a seed phrase.
- Analysts say a newly added JavaScript file—disguised as analytics—appears to activate only on seed‑phrase import and transmit wallet information to an external domain designed to resemble Trust Wallet infrastructure. Reports note that the domain was registered just days before the events and has since gone offline.
- Multiple users publicly reported wallets being drained shortly after importing seed phrases into the extension. Publicly shared but unverified estimates put losses at more than $2 million. Researchers add that funds were routed through multiple addresses in a way more consistent with automated exploitation than isolated user error.

Scope and risk

- Early warnings focused specifically on the browser extension, where update mechanisms and third‑party dependencies create greater supply‑chain risk. Analysts stressed this looks more like a coordinated supply‑chain attack than ordinary phishing or user mistakes — if confirmed, a class of incident that has historically produced rapid, large‑scale losses across the crypto ecosystem.
- At the time researchers first raised concerns, Trust Wallet had not yet responded publicly. Investigators urged users not to import seed phrases into the browser extension until the situation was clarified.

Trust Wallet response

- Trust Wallet later issued a statement on 25 December confirming a security incident limited to Trust Wallet Browser Extension version 2.68. The company advised users running v2.68 to disable the extension immediately and upgrade to version 2.69, which it described as a fixed release.
- Trust Wallet said mobile apps and other extension versions were not impacted, that the issue was limited in scope, and that its team was actively working on the matter. The firm did not provide technical root‑cause details in its statement.

Investigation status and advice

- Researchers emphasize the situation remains under active investigation and that final conclusions should await a full code review and on‑chain analysis.
- Practical guidance for users: do not import seed phrases into the Trust Wallet browser extension until you’ve confirmed you’re on an unaffected version (Trust Wallet says v2.69 fixes the issue) and consider disabling the extension entirely for now. As always, never share your seed phrase and use hardware wallets or mobile apps you trust for large balances.

If confirmed, this incident would represent a serious supply‑chain compromise rather than routine phishing — a reminder of the elevated risks tied to third‑party extensions and updates.

Disclaimer: This content is informational and not investment advice. Cryptocurrency trading and custody carry high risk; do your own research before making decisions.

© 2025 AMBCrypto
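The update described under "What happened" added a script that contacted a newly registered lookalike domain. As an added example (not code from the article, Trust Wallet, or the researchers), this Node.js check diffs the hostnames referenced by two unpacked versions of an extension and reports hosts that are new and outside an allowlist, marking near-miss spellings of an allowed domain. Every file body, domain and name here (`reviewUpdate`, `ALLOWED_DOMAINS`, `wallet-vendor.example`) is constructed for illustration.

```javascript
// Constructed sample input: file name -> source text for two extension versions.
const OLD_VERSION = { "background.js": 'fetch("https://api.wallet-vendor.example/v1/prices");' };
const NEW_VERSION = {
  "background.js": 'fetch("https://api.wallet-vendor.example/v1/prices");',
  "analytics.js": 'const ENDPOINT = "https://metrics.wallet-vend0r.example/collect";',
};
const ALLOWED_DOMAINS = ["wallet-vendor.example"]; // assumption: the vendor's known domains

// Map each hostname found in an http(s) URL literal to the files that mention it.
function hostsIn(files) {
  const found = new Map();
  for (const [name, src] of Object.entries(files)) {
    for (const m of src.matchAll(/https?:\/\/([a-z0-9.-]+)/gi)) {
      const host = m[1].toLowerCase();
      found.set(host, (found.get(host) || new Set()).add(name));
    }
  }
  return found;
}

const isAllowed = (host, allowed) => allowed.some((d) => host === d || host.endsWith("." + d));

// Levenshtein distance, used to spot near-miss spellings of an allowed domain.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1));
    }
    prev = cur;
  }
  return prev[b.length];
}

// Assumption: the last two labels form the registrable domain (production code needs the Public Suffix List).
const baseDomain = (host) => host.split(".").slice(-2).join(".");

// Report hosts that the new version references, the old one did not, and the allowlist does not cover.
function reviewUpdate(oldFiles, newFiles, allowed) {
  const before = hostsIn(oldFiles);
  const findings = [];
  for (const [host, files] of hostsIn(newFiles)) {
    if (before.has(host) || isAllowed(host, allowed)) continue;
    const lookalike = allowed.some((d) => editDistance(baseDomain(host), d) <= 2);
    findings.push({ host, files: [...files].sort(), lookalike });
  }
  return findings;
}

console.log(reviewUpdate(OLD_VERSION, NEW_VERSION, ALLOWED_DOMAINS));
```

A string-literal scan misses hostnames that are assembled at runtime or obfuscated, so an empty result does not clear an update.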