Trust Wallet warns users to update Chrome extension after $7M security loss
A security flaw in the Trust Wallet Chrome extension caused about $7 million in losses; users are advised to update to version 2.69 to fix the issue, and the company has promised to compensate affected users. The flaw stemmed from malicious code that stole mnemonic phrases and sent them to an attacker's server.

2025-12-26 19:32:3 Author: securityaffairs.com


Pierluigi Paganini December 26, 2025

Trust Wallet urged users to update its Chrome extension after a security incident caused about $7 million in losses.

Trust Wallet warned users to update its Google Chrome extension after a security incident that resulted in about $7 million in losses. The flaw affects version 2.68 of the multi-chain, non-custodial wallet, which has around one million users.

“We’ve confirmed that approximately $7M has been impacted and we will ensure all affected users are refunded. Supporting affected users is our top priority, and we are actively finalizing the process to refund the impacted users. We appreciate your patience and will share instructions on next steps soon,” reads a statement published by the company on X.

Trust Wallet advised users to upgrade to version 2.69 immediately to mitigate the issue.

Update on the Trust Wallet Browser Extension (v2.68) incident:

We’ve confirmed that approximately $7M has been impacted and we will ensure all affected users are refunded.

Supporting affected users is our top priority, and we are actively finalizing the process to refund the… https://t.co/2XRx8GvZ75

— Trust Wallet (@TrustWallet) December 26, 2025

Trust Wallet is a popular non-custodial crypto wallet that lets users store and manage digital assets across multiple blockchains via a mobile app and a Chrome extension for dApps.

Mobile users and other browser extensions are not affected.

Trust Wallet urges users to avoid messages outside its official channels.

Blockchain cybersecurity firm SlowMist said Trust Wallet Chrome extension version 2.68 contained malicious code that iterated through all stored wallets and triggered a mnemonic phrase request for each one. The encrypted mnemonics were decrypted using the user’s password and sent to an attacker-controlled server, api.metrics-trustwallet[.]com. The domain was registered on December 8, 2025, with activity starting December 21. The attacker also used the open-source posthog-js analytics library to collect wallet user data.

🚨SlowMist: Analysis of Trust Wallet Browser Extension Hack🚨

Today, @TrustWallet issued a statement confirming that version 2.68 of the Trust Wallet browser extension contains a security risk. Below is our detailed breakdown:👇 https://t.co/d3JlxOogDp

— SlowMist (@SlowMist_Team) December 26, 2025

SlowMist researchers suggest the attack may have been carried out by an APT group.

4️⃣Conclusion

This backdoor incident originated from malicious source code modification within the internal Trust Wallet extension codebase (analytics logic), rather than an injected compromised third‑party dependency (e.g., malicious npm package). The attacker directly tampered…

— SlowMist (@SlowMist_Team) December 26, 2025

1️⃣A diff comparison between v2.67 and v2.68 revealed malicious code secretly inserted into the 2.68 update. This injected code iterates through all wallets stored in the extension, triggering a get mnemonic phrase request for each wallet. The encrypted mnemonic is then decrypted… pic.twitter.com/HdxLQd5eq8

— SlowMist (@SlowMist_Team) December 26, 2025
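
SlowMist found the backdoor by diffing v2.67 against v2.68, and the exfiltration endpoint was a newly registered domain resembling the vendor's name. The following added example (not from the article, SlowMist or Trust Wallet) shows one defensive release check in that spirit: list hostnames that first appear in a new build and flag any that contain the brand name without belonging to a first-party domain. The bundle snippets, the `examplewallet` brand and all `.example` domains are constructed placeholders.

```javascript
// Added example: flag hostnames that first appear in a new extension build.
// All names, domains and bundle snippets below are constructed for illustration.

// Pull hostnames out of URL string literals in a JavaScript bundle.
function extractHosts(source) {
  const hosts = new Set();
  const urlPattern = /\b(?:https?|wss?):\/\/([a-z0-9.-]+)/gi;
  for (const match of source.matchAll(urlPattern)) {
    hosts.add(match[1].toLowerCase().replace(/\.$/, ""));
  }
  return hosts;
}

// Simplification: treat the last two labels as the registrable domain.
// A real tool should consult the Public Suffix List instead.
function registrableDomain(host) {
  return host.split(".").slice(-2).join(".");
}

// Compare two builds and classify every host that is new in the later one.
function reviewNewHosts(oldSource, newSource, firstParty, brand) {
  const before = extractHosts(oldSource);
  const findings = [];
  for (const host of extractHosts(newSource)) {
    if (before.has(host)) continue; // already shipped in the previous build
    const domain = registrableDomain(host);
    let verdict = "new-third-party";
    if (firstParty.includes(domain)) verdict = "new-first-party";
    else if (domain.includes(brand)) verdict = "brand-lookalike";
    findings.push({ host, domain, verdict });
  }
  return findings.sort((a, b) => a.host.localeCompare(b.host));
}

// Constructed sample bundles standing in for two consecutive releases.
const OLD_BUNDLE = `
  fetch("https://api.examplewallet.example/v1/prices");
`;
const NEW_BUNDLE = `
  fetch("https://api.examplewallet.example/v1/prices");
  fetch("https://cdn.examplewallet.example/assets/logo.svg");
  analytics.init({ api_host: "https://api.metrics-examplewallet.example" });
`;

const FINDINGS = reviewNewHosts(
  OLD_BUNDLE, NEW_BUNDLE, ["examplewallet.example"], "examplewallet");
console.log(FINDINGS);
```

A `brand-lookalike` verdict is a reason to block the release for manual review; it is a heuristic and does not prove the endpoint is malicious.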

PeckShield researchers reported that threat actors stole over $6 million in crypto, with most funds sent to exchanges and about $2.8 million still held in attacker wallets.

BleepingComputer reported that during the security incident, attackers also launched a parallel phishing campaign exploiting user panic. Fake X accounts directed victims to fix-trustwallet[.]com, a site mimicking Trust Wallet and claiming to fix a security flaw. The site prompted users to enter wallet recovery seed phrases, enabling attackers to drain funds. WHOIS data shows the domain was recently registered with the same registrar as metrics-trustwallet[.]com, suggesting a possible link to the same threat actors.





Article source: https://securityaffairs.com/186163/cyber-crime/trust-wallet-warns-users-to-update-chrome-extension-after-7m-security-loss.html