Trust Wallet hacking incident update: CZ responds to $7 million loss, promises full compensation and enhanced security

Recently, the Trust Wallet hacking incident has drawn significant attention from the crypto community. Regarding the approximately $7 million in asset losses, CZ has issued an official statement, assuring users of the safety of their funds and explicitly stating that Trust Wallet will bear all losses resulting from this security breach. This statement has helped stabilize market sentiment to some extent and has once again brought the issue of “cryptocurrency wallet security” into the industry spotlight.

CZ stated on the X platform that the confirmed loss amount is about $7 million, and affected users’ funds will be compensated by Trust Wallet, so users do not need to bear the risk themselves. Meanwhile, the team is still investigating how the hacker bypassed the process to submit a vulnerable new version of the software to prevent similar incidents from happening again. This response is also a direct follow-up to Trust Wallet’s earlier acknowledgment of the security vulnerability.

According to disclosures from the Trust Wallet team, the hacking attack occurred on December 25 and mainly affected version 2.68 of the browser extension. The vulnerability led to the theft of various mainstream crypto assets including Bitcoin, Ethereum, and BNB, with losses totaling approximately $7 million. The official team urgently released version 2.69 and urged all users still using version 2.68 to upgrade immediately. The team also emphasized that only users on mobile wallets and other versions of the browser extension were unaffected.

From a broader industry perspective, the Trust Wallet hacking incident is not an isolated case. According to the latest data from Chainalysis, by 2025, the total losses from cryptocurrency hacking attacks have reached $3.14 billion. Among them, a major security incident at a leading CEX resulted in a single loss of up to $1.5 billion, accounting for nearly half of the annual losses. Additionally, several attacks are believed to be linked to North Korean hacker organizations, highlighting the systemic and long-term security risks associated with crypto assets.

Industry experts generally believe that frequent wallet security incidents are testing users’ trust in decentralized finance and self-custody wallets. They also point out that the blacklisting of Trust Wallet is just a warning signal; the security construction of the crypto industry will never have a “final point.” For ordinary users, timely updating wallet versions, avoiding risky plugins, and diversifying asset storage remain important measures to reduce risks.

Overall, CZ’s quick response and compensation pledge regarding the Trust Wallet hacking incident help alleviate short-term panic. However, in the long run, improving wallet security, code audits, and release processes will continue to be core issues that the entire industry must address.