• The details of the hack
• An inside job?

Binance CEO Changpeng Zhao has clarified that funds are "SAFU" following the latest Trust Wallet Hack. 

The company will use its own treasury to reimburse the victims of the $7 million theft.

The details of the hack

The Trust Wallet Browser Extension Version 2.68 was recently compromised.

Attackers utilized a vulnerability in this specific version to drain cryptocurrency from users' wallets.

Wallet has acknowledged the breach and released a patched version (Version 2.69) to fix the security hole. 

Users running Trust Wallet Browser Extension Version 2.68 on desktop are currently at risk. Do not click on the extension icon or try to open it. Opening the compromised version (2.68) may trigger the exploit and drain your funds.

You Might Also Like
Thu, 12/25/2025 - 09:04 Binance Founder CZ Reveals Brutal Truth Behind Every 'Perfect' Bitcoin BuyByGamza Khanzadaev

PeckShield reported that the scale of the theft is significant and larger than initially estimated.

Early reports stated that $2.8 million had been stolen, but further analysis confirmed that this figure could reach $6 million. 

The attackers are actively moving the stolen funds to mix them or cash them out.

Approximately $2.8M is still sitting in the attacker's addresses across Bitcoin, EVM (Ethereum Virtual Machine) chains, and Solana.

The majority (more than $4M) has been sent to centralized exchanges ($3.3 million to ChangeNOW, $447,000 to KuCoin, $340,000 to FixedFloat). 

An inside job?

He notes the team is investigating how hackers were able to "submit a new version" (Version 2.68) to the Chrome Web Store. This implies the hack was a compromise of the release pipeline.

The security failure likely involved a compromised employee or a rogue developer who had the credentials to push an update to the Google Web Store.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。