Binance-owned Crypto Wallet Chrome Extension ‘Hacked’: $7 Million Lost, Co-Founder Responds

Major Cyberattack on Trust Wallet: $7 Million Stolen

Users of the Binance-owned Trust Wallet are reeling after a recent security breach that led to the theft of over $7 million in cryptocurrency. The platform’s co-founder, Changpeng Zhao, reassured users that they would be reimbursed in light of this unfortunate event. This incident has raised alarm bells in the crypto community, highlighting the vulnerabilities even established platforms face.

The Incident Unfolds

The cybersecurity breach was first brought to light on Christmas Day (December 25) by ZachXBT, a well-known investigator in the crypto and blockchain sectors recognized for surfacing scams and unethical practices. Zach noted a sudden uptick in drained wallet addresses, prompting an investigation that pinpointed the culprit to Version 2.68 of the Trust Wallet Chrome extension.

Zhao confirmed the breach via social media, expressing gratitude for users’ understanding as the team investigated how hackers were able to introduce a compromised update. “So far, $7m affected by this hack. @TrustWallet will cover. User funds are SAFU,” Zhao stated, reassuring users that their assets were safe and that the company was committed to rectifying the situation.

Understanding the Hacked Version

The Trust Wallet team issued an urgent notification to users, encouraging them to verify their installed software version immediately. They identified that only Browser Extension Version 2.68 was impacted, recommending that users update to the secure Version 2.69. This action aims to mitigate any further risk and secure user funds.

“Users with Browser Extension 2.68 should disable and upgrade to 2.69,” the team stated in a follow-up message on X (formerly Twitter). They also provided clear instructions on how to maintain wallet security, urging users to act quickly.

Steps to Secure Your Wallet

For users still operating under the compromised version, the Trust Wallet team has outlined a multi-step process to ensure safety and protect their assets:

1. Do Not Open the Extension: Users should refrain from opening the Trust Wallet Browser Extension on their desktop devices until they upgrade, to prevent any potential hacking incidents.

2. Navigate to Chrome Extensions: Go to the Chrome Extensions panel using the link chrome://extensions/?id=egjidjbpglichdcondbcbdnbeeppgdph.

3. Disable the Extension: If the Trust Wallet extension is still activated, users should switch the toggle to “Off”.

4. Enable Developer Mode: In the upper right corner of the Extensions panel, users must click on “Developer mode”.

5. Update the Extension: Click “Update” in the upper left corner to refresh the extension.

6. Verify Version: Users should check the version number to ensure it shows 2.69, confirming their wallet is secure.

Security experts also recommend that anyone impacted by the Version 2.68 breach should transfer any remaining funds to a fresh wallet address generated on the updated and secure version.

User Response and Ongoing Investigations

The crypto community has been vocal about their concerns following this incident. Trust Wallet’s assurance of reimbursement and user safety is a significant step, but it doesn’t negate the unsettling reality of vulnerabilities in digital wallets. As investigations continue, both users and industry experts are closely monitoring the developments. Zhao reiterated the company’s commitment to transparency, promising updates as new information becomes available.

In this digital age, while cryptocurrency offers unparalleled opportunities for investment and innovation, incidents like these serve as stark reminders of the importance of robust security measures and user vigilance. With the ongoing evolution of cybersecurity threats, staying informed and proactive is essential for anyone venturing into the world of digital assets.