Trust Walletβs browser extension was compromised, resulting in the theft of approximately $7 million from nearly 3,000 cryptocurrency wallets. Users are being urged to update their extension and remain vigilant against phishing scams targeting their recovery seed phrases. #TrustWallet #ChromeExtensionV2.68 #CryptoTheft
Keypoints
- The malicious extension version 2.68 was likely published using a leaked Chrome Web Store API key.
- Trust Wallet has advised users to immediately upgrade to version 2.69 to prevent further thefts.
- Attackers added a JavaScript file to exfiltrate sensitive wallet data during the compromised extensionβs operation.
- Trust Wallet is actively reimbursing affected users while verifying each claim to prevent fraud.
- Threat actors are impersonating support and conducting phishing campaigns to steal recovery phrases.