Trust Wallet Users Report Asset Drains

Trust Wallet Users Report Asset Drains – What Happened?

In Brief

• Trust Wallet users reported sudden asset drains on December 25th.
• A recent update may have included hidden code that exfiltrated wallet data or seed phrases.
• The incident has renewed concerns about Chrome extension security.

Crypto wallet hacks are part of the many ways that funds can be stolen from crypto holders, and a popular wallet may be the next victim. Trust Wallet users have reported recent draining of assets from their wallets in what appears to be an attack.

An X user shared the information today December 25th, at what time funds were being drained from the wallet for many users. No clear cause has been found, but a Chrome extension is being suspected due to a new update it added yesterday. There’s no figure of how much has been lost yet as investigation is still ongoing.

Appears that TrustWallet users report their funds being drained just now. Its on going as we speak.

Root cause is unclear but some point to the chrome extension. pic.twitter.com/zCuyFOqMuF

— Vet (@Vet_X0) December 25, 2025

Chrome Extensions Becoming Tool for Fraud

Crypto fraudsters use different means to steal assets from users these days, one of which is the use of Chrome extensions, which is becoming increasingly popular. Criminals have either created fake extensions or hijacked them to steal crypto assets either directly or indirectly, something that has become a major concern.

Just recently, a new Chrome extension wallet was discovered which was used to steal Ethereum seed phrases. The fake wallet extension named Safery: Ethereum Wallet looked like any legitimate Ethereum wallet but experts warned of a back door through which bad actors could steal seed phrases.

While Trust Wallet has been a trusted wallet for many years as the name implies, the new extension update released by developers could have been an avenue through which hackers or other fraudsters may be stealing from users. Further information on the incident shows a possible seed phrase stealing, similar to the Ethereum wallet case.

🚨 Security Alert

It appears that the @TrustWallet browser extension may have been compromised via a supply-chain attack in the Dec 24 update.

Reports indicate that importing a seed phrase into the extension can result in immediate wallet draining.

⚠️ Do NOT use the Trust… pic.twitter.com/D2ZMnnkyvj

— Akinator | Testnet Arc (@0xakinator) December 25, 2025

An expert gave a breakdown in which he said the recent update added hidden code that quietly sends wallet data outside while it pretends to be analytics. The code tracks wallet activity and triggers when a seed phrase is imported. The data was sent to a domain called metrics-trustwallet[.]com which was registered days ago and is now down.

Chrome Needs to Step Up Security

The recurring issues with Chrome extensions needs urgent attention as such incidents can give the browser a bad reputation. Although it has been updated a few times recently, such updates did not tackle the issue of security, just introducing new features and fixes for errors.

Interestingly, Chrome remains a preferred choice for internet browsing above even ChatGPT, but this popularity may not last if the security of crypto assets cannot be guaranteed on the extensions.