Trust Wallet has a major security vulnerability! Do not import your seed phrase and upgrade to 2.69 as soon as possible. The stolen amount is at least 6 million USD.

Trust Wallet confirms this morning that version 2.68 of the browser extension has a critical vulnerability, leading to increased on-chain losses. Users must immediately upgrade to 2.69.
(Background: CZ’s retweet sparks a 40% surge in Trust Wallet’s TWT token; targeting a billion Web3 users in a new era)
(Additional context: What is Trust Wallet’s “Wallet as a Service” (WaaS), its pros and cons, and can it become mainstream in the future?)

Cryptocurrency wallet Trust Wallet issued a major security alert this morning around 6 AM, confirming that version 2.68 of its browser extension has a serious vulnerability, resulting in user asset outflows. On-chain detective ZachXBT’s tracking shows that hundreds of victims have been affected, with estimated losses first reaching approximately $6 million.

For users who haven’t already updated to Extension version 2.69, please do not open the Browser Extension until you have updated. This may help to ensure the security of your wallet and prevent further issues.

— Trust Wallet (@TrustWallet) December 26, 2025

Details of the vulnerability and scope of losses

The official notice states that the affected users are those who installed version 2.68 of the extension on mobile devices. Trust Wallet emphasizes in its announcement:

“We have released version 2.69 as a fix. All browser extension users are urged to upgrade immediately.”

If you are a Trust Wallet user and have installed version 2.68, “please do not import your seed phrase” and it is best to upgrade through the official link in the Chrome Web Store. Seed phrases imported in contaminated environments should be considered compromised; it is recommended to create a new wallet and transfer the remaining funds.

Malicious script 4482.js infiltrates through official updates

It is understood that attackers inserted a file named 4482.js during the packaging process, claiming it was for “Analytics.” When detecting user input of seed phrases, it transmits data to the registered domain metrics-trustwallet.com, then automatically initiates asset transfers across EVM-compatible chains, Bitcoin, and Solana using automation scripts.

Currently, reports from individual victims show losses ranging from tens of thousands to hundreds of thousands of dollars. The official will continue to monitor and update on potential compensation measures.