Synopsis: Trust Wallet’s Chrome extension vanished from Google’s Web Store due to technical glitch, delaying compensation tools for victims of December’s $7 million hack.
Trust Wallet users face an unexpected setback. The popular crypto wallet’s browser extension disappeared from Google Chrome’s Web Store on January 1, 2026. This technical hiccup has delayed crucial updates meant to help victims of a devastating Christmas hack.
The timing couldn’t be worse. Trust Wallet was set to release tools for users who lost funds in a $7 million cyberattack. Now, affected customers must wait longer to submit their reimbursement claims while the company battles a Chrome Web Store bug.
Christmas Day Hack Drains Millions
Hackers struck on December 25, 2025, stealing over $7 million from approximately 2,596 wallet addresses. The attackers exploited Trust Wallet’s Chrome extension through a sophisticated supply chain attack. They compromised the wallet’s GitHub development secrets through the “Sha1-Hulud” exploit that rocked the crypto industry.
The breach gave criminals access to Trust Wallet’s source code. They also obtained the Chrome Web Store API key. Armed with these tools, the hackers uploaded a malicious version of the browser extension. Users who installed this poisoned update unknowingly exposed their funds to theft.
Trust Wallet CEO Eowyn Chen confirmed the attack’s scope. The company identified 2,596 affected addresses but received around 5,000 claims. This massive discrepancy reveals a troubling trend. Many false or duplicate submissions are attempting to steal reimbursements meant for genuine victims.
The attack method was particularly insidious. Malicious code disguised as analytics tracking activated when users imported their seed phrases. This code then exported sensitive wallet data to remote servers. The stolen information included private keys and account balances.
Technical Bug Delays Victim Compensation
Trust Wallet’s latest extension update included a verification feature. This tool would help legitimate victims prove their claims and receive compensation. However, the Chrome Web Store bug struck during the upload process.
Chen explained the situation in a social media post. “We hit a Chrome Web Store bug while releasing a new version,” she stated. The extension became temporarily unavailable across the platform. Google is now investigating the issue and working on a resolution.
The delayed update carries significant importance. It includes mechanisms to filter out fraudulent claims. With 5,000 claims for 2,596 affected addresses, verification tools are essential. The system must separate genuine victims from opportunistic fraudsters.
Trust Wallet has committed to full reimbursement for verified victims. The company’s parent organization Binance pledged support through its Secure Asset Fund for Users. All legitimate losses will be covered once the verification process begins.
Insider Involvement?
The Christmas hack raised eyebrows throughout the crypto community. Blockchain adviser Anndy Lian questioned the attack’s nature. “This kind of ‘hack’ is not natural,” he observed after analyzing the breach. He suggested the chances of insider involvement were high.
Binance co-founder Changpeng Zhao echoed these concerns. CZ agreed that the hacker likely had inside knowledge. The attacker’s familiarity with Trust Wallet’s codebase suggested prior access or deep understanding.
The Sha1-Hulud supply chain exploit affected numerous crypto projects. It compromised npm software packages used by blockchain developers industrywide. However, Trust Wallet’s specific breach showed targeted sophistication beyond typical supply chain attacks.
Security researchers noted the attack’s careful planning. The malicious code was crafted to avoid immediate detection. It waited for specific user actions before activating. This level of precision typically indicates insider knowledge or extensive reconnaissance.
Users Warned About Fake Extensions
Chen issued urgent warnings to Trust Wallet users. Scammers are exploiting the extension’s absence from the Chrome Web Store. Fake versions may appear claiming to be legitimate Trust Wallet tools.
Users should remain vigilant until the official extension returns. Only download from verified sources once the Chrome Web Store bug is resolved. The company will announce the extension’s return through official channels.
Moreover, the mobile app remains unaffected and secure. Users can continue managing their assets through iOS and Android applications. The breach only impacted the desktop Chrome extension.
Trust Wallet recommends additional security measures. Use hardware wallets for large holdings whenever possible. Enable two-factor authentication on all accounts. Never import seed phrases into unverified software or extensions.
Written By Fazal Ul Vahab C H
