Blockchain investigator ZachXBT and other security researchers raised the alarm over a potential supply‑chain compromise affecting the Trust Wallet browser extension after a late‑December update.

What happened

- On 24 December a new version of the Trust Wallet browser extension was released. By 25 December, ZachXBT and other researchers posted on X (Twitter) that the update contained suspicious newly added JavaScript.
- The code reportedly disguised itself as analytics but appeared to trigger specifically when users imported a seed phrase. Researchers say it silently transmitted wallet data to an external domain that mimicked Trust Wallet infrastructure.
- The domain used to receive data was reportedly registered only days before the update and later went offline — a timing pattern researchers say is consistent with a coordinated supply‑chain attack rather than ordinary user‑side phishing.
- Multiple users have publicly reported wallets drained shortly after importing seed phrases into the extension. Publicly shared loss estimates exceed $2 million, though those figures have not been independently verified. Analysts note that funds were routed through many addresses — behavior that can indicate automated exploitation.

Scope and current status

- Early warnings focused specifically on the browser extension. Researchers emphasized there was no evidence at that time that Trust Wallet’s mobile apps were affected — the browser extension’s update mechanism and third‑party dependencies present higher supply‑chain risk.
- Trust Wallet initially had not commented publicly, but on 25 December the company confirmed the security incident affected only Trust Wallet Browser Extension version 2.68. It advised users running v2.68 to disable the extension immediately and upgrade to v2.69, which Trust Wallet described as a fixed release.
- Trust Wallet said mobile‑only users and other extension versions were not impacted and that its team was actively working on the issue. The company did not publish detailed technical root‑cause information at the time of the statement.

Why researchers are concerned

- Supply‑chain compromises — where a malicious change is introduced into trusted software updates or dependencies — are more dangerous than ordinary phishing because they can silently affect many users at once and bypass user caution.
- If confirmed, the incident would represent a serious supply‑chain attack with the potential for rapid, large‑scale losses across the crypto ecosystem.

Practical guidance for users

- Do not import seed phrases into the Trust Wallet browser extension until the investigation is complete and official guidance is available.
- If you used the extension recently, disable or uninstall it and avoid entering seed phrases into browser extensions. Consider using trusted hardware wallets or the official mobile app (which the vendor says is unaffected) to manage funds, and follow official Trust Wallet updates.
- Monitor on‑chain activity for suspicious outgoing transactions and, where possible, consider moving assets to a new wallet whose seed was generated on a secure device (ideally a hardware wallet). If you suspect compromise, revoke smart‑contract approvals and seek guidance from reputable security services.

Ongoing investigation

Researchers caution that conclusions are preliminary: the extension code and related on‑chain activity are still under active review. The reported financial figures are not independently verified. Trust Wallet has acknowledged the incident and issued a patch for the affected version, but technical details on the root cause remain limited.

Note: This article is informational and not investment advice. Cryptocurrency trading carries high risk; readers should do their own research and follow official advisories from wallet vendors and security researchers.
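The vendor's advice above (disable v2.68, upgrade to v2.69) can be checked across a browser profile with a short inventory script. This is an added example, not code from the article or from Trust Wallet. It assumes the Chromium on-disk layout `Extensions/<id>/<version>/manifest.json` and matches on display name, because the article gives no extension ID; the IDs in the sample tree are placeholders.

```python
import json
from pathlib import Path

AFFECTED = "2.68"             # version named in the vendor statement
NAME_NEEDLE = "trust wallet"  # assumption: display name contains this text


def display_name(manifest, ext_dir):
    """Resolve a localized "__MSG_key__" name via _locales/<default_locale>."""
    name = manifest.get("name", "")
    if not (name.startswith("__MSG_") and name.endswith("__")):
        return name
    path = ext_dir / "_locales" / manifest.get("default_locale", "en") / "messages.json"
    try:
        messages = json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return name
    wanted = name[6:-2].lower()  # message keys are case-insensitive
    found = [e for k, e in messages.items() if k.lower() == wanted]
    return found[0].get("message", name) if found else name


def find_affected(extensions_root):
    """Return (extension_id, version, name) for installed copies at AFFECTED."""
    hits = []
    for path in sorted(Path(extensions_root).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable manifest: skip rather than abort the scan
        version = str(manifest.get("version", ""))
        name = display_name(manifest, path.parent)
        if (version + ".").startswith(AFFECTED + ".") and NAME_NEEDLE in name.lower():
            hits.append((path.parent.parent.name, version, name))
    return hits


def build_sample(root):
    """Constructed tree; IDs are placeholders, not real extension IDs."""
    for ext_id, version, name in [("placeholder-id-a", "2.68.0", "__MSG_appName__"),
                                  ("placeholder-id-b", "2.69.0", "Trust Wallet"),
                                  ("placeholder-id-c", "2.68.0", "Other Extension")]:
        locale_dir = Path(root) / ext_id / (version + "_0") / "_locales" / "en"
        locale_dir.mkdir(parents=True)
        manifest = {"name": name, "version": version, "default_locale": "en"}
        (locale_dir.parent.parent / "manifest.json").write_text(json.dumps(manifest))
        (locale_dir / "messages.json").write_text('{"appname": {"message": "Trust Wallet"}}')
```

Call `find_affected` on a profile's `Extensions` directory. A display-name match only identifies candidates, so confirm any hit against the extension ID shown on the browser's extensions page.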