Trust Wallet confirmed a browser extension flaw in version 2.68 led to multi-million dollar crypto thefts, urging immediate upgrade to version 2.69 for user protection.
Trust Wallet acknowledged that version 2.68 of its browser extension contained a security flaw exploited to steal approximately 33 BTC and $3 million in Ethereum assets. The company urged all users to upgrade to version 2.69 immediately. Security firm SlowMist reported that malicious code had been directly injected into the extension, transmitting users’ seed phrases to an attacker-controlled server. SlowMist’s CISO previously indicated the breach may be linked to a compromise of a developer’s device or the project’s code repository, advising users of affected versions to disconnect from the internet and move their funds through mnemonic export before updating.