Trust Wallet has opened a formal compensation process for users affected by a security incident involving the Chrome browser extension, after malicious code embedded in a recent update led to the exposure of wallet seed phrases and the loss of millions of dollars in crypto assets.
The company said On Friday, affected users could now submit claims via an official support form hosted on Trust Wallet’s portal.
The claims process required users must provide basic identification information, including their email address and country of residence, in addition to compromised wallet addresses, addresses of suspected attackers, and relevant transaction hashes.
Trust Wallet says it is prioritizing reviews of all submissions and has committed to compensating any verified victim of the incident.
Trust Wallet contacts victims while scammers exploit the consequences of a breach
In a statement posted on X on December 26, Trust Wallet acknowledged the disruption caused by the breach and said its support team had already begun contacting affected users.
The company added that each case requires careful verification to ensure accuracy and security and promised to provide ongoing updates as the process progresses.
At the same time, Trust Wallet warned users to remain vigilant against scams, noting an increase in fake compensation forms, impersonated support accounts and unsolicited direct messages circulating on Telegram and other platforms.
The compensation announcement followed confirmation of the breach on December 25, when Trust Wallet announced that only version 2.68 of the Chrome browser extension was affected.
Blockchain researcher ZachXBT first drew attention to the incident after multiple users reported unauthorized fund outflows shortly after installing the update.
Trust Wallet later urged users using the compromised version should immediately disable it and upgrade to version 2.69.
According to ZachXBT, the number of victims rose to hundreds within hours, with more than $6 million being siphoned across various blockchains, including Bitcoin, Solana, and EVM-compatible networks.
Several users said their wallets were emptied within minutes, with one account on X to claim losses of over $300,000, although ZachXBT later flagged that particular account as suspicious.
How a Chrome extension update turned into a wallet heist
Researchers and users reported that the malicious extension appeared legitimate when installed through Chrome’s normal update process.
However, the embedded code allowed attackers to extract users’ recovery phrases, allowing immediate access to their funds.
One user warned that simply importing a seed phrase into the extension caused their wallet to drain immediately.
Browser extensions typically operate with elevated privileges, giving them access to web pages, storage, and browsing data, making them a powerful target for attackers when exploited.
Trust Wallet said mobile app users and users of other versions of the browser extension were not affected. The Chrome extension itself has around a million users, according to the Web Store listing.
In a separate post, Changpeng Zhao, the founder of Binance, who acquired Trust Wallet in 2018, says: confirmed that all verified losses would be covered. Zhao estimated the total amount affected at around $7 million and said user fees would be refunded.
So far, $7 million has been affected by this hack. @TrustWallet will cover. User funds are SAFU. We appreciate your understanding for any inconveniences.
The team is still investigating how hackers could submit a new version. https://t.co/xdPGwwDU8b
—CZ
BNB (@cz_binance) December 26, 2025
The incident comes amid a broader increase in wallet-related exploits in the crypto industry.
According to According to Chainalysis, more than $3.4 billion was stolen between January and early December 2025, with a single compromise in February at Bybit accounting for almost half of that total.
Personal wallet breaches have steadily increased in recent years, from just over 7% of stolen value in 2022 to more than a third in 2025, excluding the Bybit attack.
While centralized platforms are less likely to be compromised, they have also suffered increasing losses due to private key breaches.
The post Trust Wallet Opens Up for $7 Million in Compensation After Chrome Exploit Leaks Seed Phrases appeared first on Cryptonews.
