Trust Wallet — the popular non-custodial wallet owned by Binance — issued an urgent security warning to approximately 36,000 users whose browser extension wallets (Chrome/Edge versions) may have been compromised through a sophisticated supply-chain attack or malicious update.
The alert, posted on Trust Wallet’s official X account and website, detailed that a recent version of the extension (specifically versions 2.68.0 to 2.68.3, released in late December 2025) contained a vulnerability that allowed attackers to access private keys or seed phrases under certain conditions. Affected users were urged to immediately:
- Stop using the compromised extension
- Transfer all funds to a new, secure wallet (preferably hardware or fresh software install)
- Revoke any approvals/connections via tools like Revoke.cash
- Never enter seed phrases on untrusted sites or extensions
Trust Wallet confirmed the issue stemmed from a third-party library dependency that was exploited shortly after deployment. The team rolled back the vulnerable version within hours of detection, pushed a patched update (v2.68.4+), and began proactive notifications to at-risk users via in-app banners, email, and push alerts. While the exact number of confirmed thefts is not yet public, early reports from affected users indicate losses ranging from a few hundred to tens of thousands of dollars per wallet, primarily in ETH, BNB, and popular tokens.
This incident adds to the growing list of browser extension vulnerabilities in 2025–2026, where social engineering, fake updates, and supply-chain risks have become the primary attack vectors for retail users. Trust Wallet emphasized that core mobile and desktop apps remain unaffected and that self-custody best practices (hardware wallets, air-gapped signing, seed phrase security) are the strongest defense.
The warning has triggered widespread panic and discussion on X since January 3, 2026, with screenshots of the alert, user loss stories, patched version confirmations, and security tips circulating rapidly, fueling debates on browser wallet safety, extension risks, proactive disclosures, and the ongoing challenge of securing non-custodial tools among traders, security researchers, and everyday holders.
#Crypto dominates global discussions with massive volume.
#TrustWallet surges with the 36K compromised extension warning.
#CryptoNews is buzzing with browser wallet security alerts.
#Blockchain thrives in vulnerability and protection debates.
#Bitcoin remains a top trend with huge activity.
#Security gains traction in phishing and extension risk conversations.
#Web3 continues strong in user safety discussions.
Stay ahead in the fast-evolving crypto security and wallet landscape — subscribe to our exclusive newsletters for daily insights, in-depth analysis, and timely market updates at www.token10x.com. Join our WhatsApp channel for real-time alerts and community discussions – click here. Dive into more articles on www.token10x.blog. Join our growing community today!
What’s your take — are browser extensions simply too risky for holding significant crypto in 2026, or can improved updates and user education make them safe again? Drop your thoughts below 👇