Do you remember the last time you downloaded an update without paying attention? For Trust Wallet users, Christmas Eve 2025 will be remembered for this reason. What really happened, and how could a simple update lead to the theft of millions of dollars in cryptocurrencies?
The 3 key facts not to miss
- A malicious update allowed the theft of more than 8 million dollars from 2,520 Trust Wallet wallets.
- The hack exploited a supply chain vulnerability known as Sha1-Hulud.
- Trust Wallet has initiated a reimbursement process for affected users.
The Christmas cyberattack
The evening of December 24, 2025, marked the beginning of a tumultuous episode for Trust Wallet users. An apparently innocuous update, version 2.68.0, was downloaded by thousands of users. However, it contained a line of malicious code that led to the exfiltration of sensitive data to an external server. This attack siphoned off more than 8 million dollars spread across 2,520 wallets.
Attack technique and exploitation
The hackers achieved this feat by conducting a supply chain attack, named Sha1-Hulud, which began in November 2025. By using compromised npm packages, they accessed the source code of the Trust Wallet browser extension and its Chrome Web Store API key. With this information, they were able to directly publish a modified version of the extension on the store, bypassing the usual validation processes.
Reactions and security measures
In response to this critical situation, Trust Wallet reacted quickly. As of December 25, the company released a safe update under version number 2.69.0 and urged users to install it urgently. At the same time, a team of white hat researchers was mobilized to neutralize the malicious server. DDoS attacks were carried out against the domain metrics-trustwallet.com to limit the impact of the attack.
Reimbursement process and lessons learned
To compensate for the losses, Trust Wallet has set up a reimbursement process for affected users. This task is complex, as it requires precisely identifying each victim and the amount lost while filtering out false claims. This case highlights the importance of supply chain security in software development, as well as the need for increased vigilance when publishing updates.
Trust Wallet background
Trust Wallet is a renowned company in the field of cryptocurrency wallets, offering secure solutions to manage various digital currencies. Founded in 2017, the company quickly gained popularity thanks to its ease of use and advanced features. However, this incident highlights the growing challenges faced by companies in this sector regarding security and data protection.
