February 6, 2026
Random News

Block24Seven

Breaking Blocks, Every Hour

Latest News

News
Regulations
Australia’s ASIC flags crypto as ‘regulatory perimeter’ risk alongside AI, payments
News
Tezos Tallinn Upgrade Now Live, Slashes Block Times to 6 Seconds
News
Paradex Refunds $650K to 200 Users After Maintenance Bug Triggers Liquidations
News
‘Totally Absurd’: Circle CEO Rejects Bank-Run Fears Over Stablecoin Yields

Trust Wallet Will Cover $7M Lost in Christmas Day Hack, CZ Says

Block24Seven07 mins

In a shocking turn of events for the global crypto news community, Trust Wallet users lost approximately $7 million in a Christmas Day hack a breach that cybersecurity experts suggest may involve insider activity. The attack targeted the wallet’s browser extension, compromising user funds and even exporting personal information to a hacker-controlled server.

According to the blockchain analytics firm SlowMist, the attacker had been preparing the exploit weeks before the incident, marking one of the most concerning holiday breaches of 2025. Blockchain technology has evolved to secure digital assets, but this attack reveals that even trusted wallets are not immune to sophisticated infiltration attempts.

Binance’s CZ Promises Compensation for Victims

Changpeng Zhao (CZ), the co-founder of Binance and owner of Trust Wallet, confirmed on X (formerly Twitter) that the lost funds would be fully covered by the company. The announcement quickly spread through crypto news feeds, calming users who feared permanent losses.

Trust Wallet, which serves more than 220 million users, reported that its desktop extension Version 2.68 had been compromised. The company quickly urged users to upgrade to Version 2.89, which includes crucial security patches.

CZ’s move to compensate affected users highlights an emerging culture of accountability among blockchain-driven platforms. In the past, similar hacks left users stranded, but Binance’s leadership aims to rebuild confidence within the crypto pur community through rapid response and transparency.

The Timeline of the Attack

According to Yu Xian, co-founder of SlowMist, the hack was carefully orchestrated. His on-chain analysis revealed that attackers began preparations on December 8, secretly implanted a backdoor by December 22, and executed the heist on December 25.

“The attacker started preparations at least on [Dec. 8], successfully implanted the backdoor on [Dec. 22], began transferring funds on [Christmas Day], and thus was discovered,” Xian wrote.

Worryingly, the malicious code not only drained funds but also collected personal data from unsuspecting Trust Wallet users. This points toward a breach much deeper than a traditional phishing campaign, potentially exposing sensitive customer details.

Suspicions of Insider Involvement

Perhaps the most alarming theory circulating in crypto news circles is that the attack may have involved insider access. On-chain investigator ZachXBT confirmed that “hundreds” of users were affected, amplifying scrutiny over how the fraudulent wallet extension was submitted and approved on the official platform.

Anndy Lian, a well-known government blockchain adviser, stated, “This kind of hack is not natural. The chances of insider involvement are high.” CZ later agreed with this assessment, suggesting that the exploit was “most likely” executed by someone with internal access to Trust Wallet’s source code.

SlowMist’s findings backed this theory, explaining that the attacker was “very familiar with the Trust Wallet extension’s codebase,” enabling them to implant the backdoor efficiently. Such precision suggests an insider or someone with detailed technical knowledge of the wallet’s architecture and blockchain technology integration.

A Reminder of Ongoing Wallet Security Risks

Personal wallet compromises remain a major vulnerability in the cryptocurrency space. Excluding the massive $1.4 billion Bybit hack from February 2025, personal wallet breaches still accounted for 37% of all stolen funds during the year, according to Chainalysis.

Despite the $7 million Trust Wallet loss, it remains smaller compared to other landmark exploits for instance, Axie Infinity co-founder Jeff Zirlin’s $9.7 million Ether theft in 2024. Still, the implications of potential insider access at a leading wallet provider could ripple through the security practices of the entire crypto pur ecosystem.

For the industry, this event reinforces an urgent truth: blockchain technology provides transparency, but it cannot eliminate human risk. The balance between decentralization and trust continues to define crypto’s evolution and each breach reminds users to stay alert, update software regularly, and use verified extensions only.

As CZ put it best in his post: “User trust is built by action, not words.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Related News