Buy Crypto- Markets
Futures- Spot
- Copy Trade
- Earn
- More
Over $6 Million Stolen: Trust Wallet Source Code Compromised, How Did Official Version Become Hacker Backdoor?
Original Title: "Trust Wallet Plugin Version Attacked, Loss Exceeds $6 Million, Urgent Patch Released by Officials"
Original Author: ChandlerZ, Foresight News
On the morning of December 26, Trust Wallet issued a security alert, confirming a security vulnerability in Trust Wallet browser extension version 2.68. Users of version 2.68 should immediately disable the extension and upgrade to version 2.69. Please upgrade through the official Chrome Web Store link.
According to PeckShield monitoring, the Trust Wallet vulnerability exploit has led the hacker to steal over $6 million in cryptocurrency from victims.
Currently, about $2.8 million of the stolen funds remain in the hacker's wallet (Bitcoin / EVM / Solana), while over $4 million in cryptocurrency has been transferred to centralized exchange platforms, including: around $3.3 million to ChangeNOW, around $340,000 to FixedFloat, and around $447,000 to Kucoin.
As the number of affected users surged, code auditing for Trust Wallet version 2.68 began immediately. The security analysis team SlowMist, by comparing the source code differences between 2.68.0 (malicious version) and 2.69.0 (fixed version), discovered that the hacker had implanted a seemingly legitimate data collection code, turning the official plugin into a privacy-stealing backdoor.
Analysis: Trust Wallet Developer's Device or Code Repository Compromised by Attacker
According to SlowMist security team analysis, the core carrier of this attack was confirmed to be Trust Wallet browser extension version 2.68.0. By comparing it to the fixed version 2.69.0, security personnel found a highly disguised malicious code in the old version. As shown in the figure.
The backdoor code added a PostHog to collect various privacy information of the wallet users (including mnemonic phrases) and send it to the attacker's server api.metrics-trustwallet [.] com.
Based on code changes and on-chain activities, SlowMist provided an estimated timeline of the attack:
· December 8: The attacker begins relevant preparations;
· December 22: Successfully rolls out version 2.68 with the implanted backdoor;
· December 25: Taking advantage of the Christmas holiday, the attacker starts transferring funds based on stolen mnemonic phrases, which is later exposed.
Furthermore, SlowMist analysis believes that the attacker appears to be very familiar with Trust Wallet's extension source code. It is worth noting that the current patched version (2.69.0) has severed the malicious transfer but has not removed the PostHog JS library.
Additionally, SlowMist Technology's Chief Information Security Officer 23pds posted on social media, stating, "According to SlowMist's analysis, there is reason to believe that Trust Wallet-related developers' devices or code repositories may have been compromised by the attacker. Please disconnect the network promptly to investigate the relevant personnel's devices." He pointed out, "Users affected by the Trust Wallet version must first disconnect the network, then export the mnemonic phrase to transfer assets. Otherwise, assets will be stolen when the wallet is opened online. Those with a mnemonic backup must transfer assets first before upgrading the wallet."
Plugin Security Incidents are Common
At the same time, he pointed out that the attacker seems very familiar with Trust Wallet's extension source code, implanting PostHog JS to collect various wallet information from users. The current Trust Wallet fixed version has not removed PostHog JS.
This Trust Wallet official version turning into a trojan reminds the market of several highly risky attacks on hot wallet frontends in recent years. From attack methods to vulnerability causes, these cases provide important reference points for understanding this incident.
· When Official Channels Are No Longer Secure
Most similar to this Trust Wallet incident are attacks on software supply chains and distribution channels. In such events, users not only did not make mistakes but were even victims because they downloaded "genuine software."
Ledger Connect Kit Poisoning Incident (December 2023): Hardware wallet giant Ledger's frontend code repository was hacked by a hacker who gained permission through phishing and uploaded a malicious update package. This contaminated several top dApp frontends, including SushiSwap, displaying fake connection windows. This event is considered a textbook case of a "supply chain attack," proving that even companies with excellent security reputations, their Web2 distribution channels (such as NPM) are still high-risk single points of failure.
Hola VPN and Mega Extension Hijacking (2018): Back in 2018, the developer account of the popular VPN service Hola's Chrome extension was compromised. The hacker pushed an "official update" containing malicious code specifically designed to monitor and steal MyEtherWallet users' private keys.
· Code Vulnerability: Mnemonic Phrase Exposure Risk
Aside from supply chain attacks, implementation vulnerabilities when handling mnemonic phrases, private key material, and other sensitive data in wallets can also lead to significant asset loss.
Slope Wallet Log Data Collection Controversy (August 2022): The Solana ecosystem experienced a large-scale fund theft event, and a post-incident investigation report highlighted Slope Wallet as sending private keys or mnemonic phrases to a Sentry service (the Sentry service referred to the privately deployed Sentry service by the Slope team, not the official Sentry interface or service). However, a security firm's analysis also stated that the investigation into the Slope Wallet app has so far been unable to definitively prove that the root cause of the event was the Slope Wallet. There is a significant amount of technical work to be done, and further evidence is needed to explain the core cause of this event.
Trust Wallet Low-Entropy Key Generation Vulnerability (Disclosed as CVE-2023-31290, Exploits Traceable to 2022/2023): The Trust Wallet browser extension was found to have insufficient randomness: attackers could efficiently identify and derive potentially affected wallet addresses within a specific version range due to the enumerability introduced by a mere 32-bit seed, leading to fund theft.
· The Game of "The Good, the Bad, and the Ugly"
Within the extension wallet and browser search ecosystem, there has long been a gray-hat production chain consisting of fake plugins, fake download pages, fake update pop-ups, fake customer service DMs, and more. Once users install from unofficial channels or enter mnemonic phrases/private keys on phishing pages, their assets can be instantly drained. As events escalate to potentially impacting official versions, users' security perimeters are further reduced, often resulting in a surge of secondary scams.
At the time of writing, Trust Wallet has urged all affected users to promptly complete the version update. However, with ongoing movements of stolen on-chain funds, it is evident that the repercussions of this "Christmas heist" are far from over.
Whether it's Slope's plaintext logs or Trust Wallet's malicious backdoor, history is alarmingly repetitive. This once again serves as a reminder to every crypto user not to blind trust any single software endpoint. Regularly check authorizations, diversify asset storage, stay vigilant against suspicious version updates—perhaps this is the survival guide through the crypto dark forest.
You may also like
Soaring 50 times, with an FDV exceeding 10 billion USD, why RaveDAO?
1 billion DOTs were minted out of thin air, but the hacker only made 230,000 dollars
After the blockade of the Strait of Hormuz, when will the war end?
Before using Musk's "Western WeChat" X Chat, you need to understand these three questions
The X Chat will be available for download on the App Store this Friday. The media has already covered the feature list, including self-destructing messages, screenshot prevention, 481-person group chats, Grok integration, and registration without a phone number, positioning it as the "Western WeChat." However, there are three questions that have hardly been addressed in any reports.
There is a sentence on X's official help page that is still hanging there: "If malicious insiders or X itself cause encrypted conversations to be exposed through legal processes, both the sender and receiver will be completely unaware."
No. The difference lies in where the keys are stored.
In Signal's end-to-end encryption, the keys never leave your device. X, the court, or any external party does not hold your keys. Signal's servers have nothing to decrypt your messages; even if they were subpoenaed, they could only provide registration timestamps and last connection times, as evidenced by past subpoena records.
X Chat uses the Juicebox protocol. This solution divides the key into three parts, each stored on three servers operated by X. When recovering the key with a PIN code, the system retrieves these three shards from X's servers and recombines them. No matter how complex the PIN code is, X is the actual custodian of the key, not the user.
This is the technical background of the "help page sentence": because the key is on X's servers, X has the ability to respond to legal processes without the user's knowledge. Signal does not have this capability, not because of policy, but because it simply does not have the key.
The following illustration compares the security mechanisms of Signal, WhatsApp, Telegram, and X Chat along six dimensions. X Chat is the only one of the four where the platform holds the key and the only one without Forward Secrecy.
The significance of Forward Secrecy is that even if a key is compromised at a certain point in time, historical messages cannot be decrypted because each message has a unique key. Signal's Double Ratchet protocol automatically updates the key after each message, a mechanism lacking in X Chat.
After analyzing the X Chat architecture in June 2025, Johns Hopkins University cryptology professor Matthew Green commented, "If we judge XChat as an end-to-end encryption scheme, this seems like a pretty game-over type of vulnerability." He later added, "I would not trust this any more than I trust current unencrypted DMs."
From a September 2025 TechCrunch report to being live in April 2026, this architecture saw no changes.
In a February 9, 2026 tweet, Musk pledged to undergo rigorous security tests of X Chat before its launch on X Chat and to open source all the code.
As of the April 17 launch date, no independent third-party audit has been completed, there is no official code repository on GitHub, the App Store's privacy label reveals X Chat collects five or more categories of data including location, contact info, and search history, directly contradicting the marketing claim of "No Ads, No Trackers."
Not continuous monitoring, but a clear access point.
For every message on X Chat, users can long-press and select "Ask Grok." When this button is clicked, the message is delivered to Grok in plaintext, transitioning from encrypted to unencrypted at this stage.
This design is not a vulnerability but a feature. However, X Chat's privacy policy does not state whether this plaintext data will be used for Grok's model training or if Grok will store this conversation content. By actively clicking "Ask Grok," users are voluntarily removing the encryption protection of that message.
There is also a structural issue: How quickly will this button shift from an "optional feature" to a "default habit"? The higher the quality of Grok's replies, the more frequently users will rely on it, leading to an increase in the proportion of messages flowing out of encryption protection. The actual encryption strength of X Chat, in the long run, depends not only on the design of the Juicebox protocol but also on the frequency of user clicks on "Ask Grok."
X Chat's initial release only supports iOS, with the Android version simply stating "coming soon" without a timeline.
In the global smartphone market, Android holds about 73%, while iOS holds about 27% (IDC/Statista, 2025). Of WhatsApp's 3.14 billion monthly active users, 73% are on Android (according to Demand Sage). In India, WhatsApp covers 854 million users, with over 95% Android penetration. In Brazil, there are 148 million users, with 81% on Android, and in Indonesia, there are 112 million users, with 87% on Android.
WhatsApp's dominance in the global communication market is built on Android. Signal, with a monthly active user base of around 85 million, also relies mainly on privacy-conscious users in Android-dominant countries.
X Chat circumvented this battlefield, with two possible interpretations. One is technical debt; X Chat is built with Rust, and achieving cross-platform support is not easy, so prioritizing iOS may be an engineering constraint. The other is a strategic choice; with iOS holding a market share of nearly 55% in the U.S., X's core user base being in the U.S., prioritizing iOS means focusing on their core user base rather than engaging in direct competition with Android-dominated emerging markets and WhatsApp.
These two interpretations are not mutually exclusive, leading to the same result: X Chat's debut saw it willingly forfeit 73% of the global smartphone user base.
This matter has been described by some: X Chat, along with X Money and Grok, forms a trifecta creating a closed-loop data system parallel to the existing infrastructure, similar in concept to the WeChat ecosystem. This assessment is not new, but with X Chat's launch, it's worth revisiting the schematic.
X Chat generates communication metadata, including information on who is talking to whom, for how long, and how frequently. This data flows into X's identity system. Part of the message content goes through the Ask Grok feature and enters Grok's processing chain. Financial transactions are handled by X Money: external public testing was completed in March, opening to the public in April, enabling fiat peer-to-peer transfers via Visa Direct. A senior Fireblocks executive confirmed plans for cryptocurrency payments to go live by the end of the year, holding money transmitter licenses in over 40 U.S. states currently.
Every WeChat feature operates within China's regulatory framework. Musk's system operates within Western regulatory frameworks, but he also serves as the head of the Department of Government Efficiency (DOGE). This is not a WeChat replica; it is a reenactment of the same logic under different political conditions.
The difference is that WeChat has never explicitly claimed to be "end-to-end encrypted" on its main interface, whereas X Chat does. "End-to-end encryption" in user perception means that no one, not even the platform, can see your messages. X Chat's architectural design does not meet this user expectation, but it uses this term.
X Chat consolidates the three data lines of "who this person is, who they are talking to, and where their money comes from and goes to" in one company's hands.
The help page sentence has never been just technical instructions.
Parse Noise's newly launched Beta version, how to "on-chain" this heat?
Is Lobster a Thing of the Past? Unpacking the Hermes Agent Tools that Supercharge Your Throughput to 100x
Declare War on AI? The Doomsday Narrative Behind Ultraman's Residence in Flames
Crypto VCs Are Dead? The Market Extinction Cycle Has Begun
Claude's Journey to Foolishness in Diagrams: The Cost of Thriftiness, or How API Bill Increased 100-Fold
Edge Land Regress: A Rehash Around Maritime Power, Energy, and the Dollar
Arthur Hayes Latest Interview: How Should Retail Investors Navigate the Iran Conflict?
Just now, Sam Altman was attacked again, this time by gunfire
Straits Blockade, Stablecoin Recap | Rewire News Morning Edition
From High Expectations to Controversial Turnaround, Genius Airdrop Triggers Community Backlash
The Xiaomi electric vehicle factory in Beijing's Daxing district has become the new Jerusalem for the American elite
Lean Harness, Fat Skill: The Real Source of 100x AI Productivity
Ultraman is not afraid of his mansion being attacked; he has a fortress.
US-Iran Negotiations Collapse, Bitcoin Faces Battle to Defend $70,000 Level
Soaring 50 times, with an FDV exceeding 10 billion USD, why RaveDAO?
1 billion DOTs were minted out of thin air, but the hacker only made 230,000 dollars
After the blockade of the Strait of Hormuz, when will the war end?
Before using Musk's "Western WeChat" X Chat, you need to understand these three questions
The X Chat will be available for download on the App Store this Friday. The media has already covered the feature list, including self-destructing messages, screenshot prevention, 481-person group chats, Grok integration, and registration without a phone number, positioning it as the "Western WeChat." However, there are three questions that have hardly been addressed in any reports.
There is a sentence on X's official help page that is still hanging there: "If malicious insiders or X itself cause encrypted conversations to be exposed through legal processes, both the sender and receiver will be completely unaware."
No. The difference lies in where the keys are stored.
In Signal's end-to-end encryption, the keys never leave your device. X, the court, or any external party does not hold your keys. Signal's servers have nothing to decrypt your messages; even if they were subpoenaed, they could only provide registration timestamps and last connection times, as evidenced by past subpoena records.
X Chat uses the Juicebox protocol. This solution divides the key into three parts, each stored on three servers operated by X. When recovering the key with a PIN code, the system retrieves these three shards from X's servers and recombines them. No matter how complex the PIN code is, X is the actual custodian of the key, not the user.
This is the technical background of the "help page sentence": because the key is on X's servers, X has the ability to respond to legal processes without the user's knowledge. Signal does not have this capability, not because of policy, but because it simply does not have the key.
The following illustration compares the security mechanisms of Signal, WhatsApp, Telegram, and X Chat along six dimensions. X Chat is the only one of the four where the platform holds the key and the only one without Forward Secrecy.
The significance of Forward Secrecy is that even if a key is compromised at a certain point in time, historical messages cannot be decrypted because each message has a unique key. Signal's Double Ratchet protocol automatically updates the key after each message, a mechanism lacking in X Chat.
After analyzing the X Chat architecture in June 2025, Johns Hopkins University cryptology professor Matthew Green commented, "If we judge XChat as an end-to-end encryption scheme, this seems like a pretty game-over type of vulnerability." He later added, "I would not trust this any more than I trust current unencrypted DMs."
From a September 2025 TechCrunch report to being live in April 2026, this architecture saw no changes.
In a February 9, 2026 tweet, Musk pledged to undergo rigorous security tests of X Chat before its launch on X Chat and to open source all the code.
As of the April 17 launch date, no independent third-party audit has been completed, there is no official code repository on GitHub, the App Store's privacy label reveals X Chat collects five or more categories of data including location, contact info, and search history, directly contradicting the marketing claim of "No Ads, No Trackers."
Not continuous monitoring, but a clear access point.
For every message on X Chat, users can long-press and select "Ask Grok." When this button is clicked, the message is delivered to Grok in plaintext, transitioning from encrypted to unencrypted at this stage.
This design is not a vulnerability but a feature. However, X Chat's privacy policy does not state whether this plaintext data will be used for Grok's model training or if Grok will store this conversation content. By actively clicking "Ask Grok," users are voluntarily removing the encryption protection of that message.
There is also a structural issue: How quickly will this button shift from an "optional feature" to a "default habit"? The higher the quality of Grok's replies, the more frequently users will rely on it, leading to an increase in the proportion of messages flowing out of encryption protection. The actual encryption strength of X Chat, in the long run, depends not only on the design of the Juicebox protocol but also on the frequency of user clicks on "Ask Grok."
X Chat's initial release only supports iOS, with the Android version simply stating "coming soon" without a timeline.
In the global smartphone market, Android holds about 73%, while iOS holds about 27% (IDC/Statista, 2025). Of WhatsApp's 3.14 billion monthly active users, 73% are on Android (according to Demand Sage). In India, WhatsApp covers 854 million users, with over 95% Android penetration. In Brazil, there are 148 million users, with 81% on Android, and in Indonesia, there are 112 million users, with 87% on Android.
WhatsApp's dominance in the global communication market is built on Android. Signal, with a monthly active user base of around 85 million, also relies mainly on privacy-conscious users in Android-dominant countries.
X Chat circumvented this battlefield, with two possible interpretations. One is technical debt; X Chat is built with Rust, and achieving cross-platform support is not easy, so prioritizing iOS may be an engineering constraint. The other is a strategic choice; with iOS holding a market share of nearly 55% in the U.S., X's core user base being in the U.S., prioritizing iOS means focusing on their core user base rather than engaging in direct competition with Android-dominated emerging markets and WhatsApp.
These two interpretations are not mutually exclusive, leading to the same result: X Chat's debut saw it willingly forfeit 73% of the global smartphone user base.
This matter has been described by some: X Chat, along with X Money and Grok, forms a trifecta creating a closed-loop data system parallel to the existing infrastructure, similar in concept to the WeChat ecosystem. This assessment is not new, but with X Chat's launch, it's worth revisiting the schematic.
X Chat generates communication metadata, including information on who is talking to whom, for how long, and how frequently. This data flows into X's identity system. Part of the message content goes through the Ask Grok feature and enters Grok's processing chain. Financial transactions are handled by X Money: external public testing was completed in March, opening to the public in April, enabling fiat peer-to-peer transfers via Visa Direct. A senior Fireblocks executive confirmed plans for cryptocurrency payments to go live by the end of the year, holding money transmitter licenses in over 40 U.S. states currently.
Every WeChat feature operates within China's regulatory framework. Musk's system operates within Western regulatory frameworks, but he also serves as the head of the Department of Government Efficiency (DOGE). This is not a WeChat replica; it is a reenactment of the same logic under different political conditions.
The difference is that WeChat has never explicitly claimed to be "end-to-end encrypted" on its main interface, whereas X Chat does. "End-to-end encryption" in user perception means that no one, not even the platform, can see your messages. X Chat's architectural design does not meet this user expectation, but it uses this term.
X Chat consolidates the three data lines of "who this person is, who they are talking to, and where their money comes from and goes to" in one company's hands.
The help page sentence has never been just technical instructions.
App