Trust Wallet Users Face Delays in Receiving Compensation Due to Chrome Extension Issue
Trust Wallet users who were affected by a recent hacker attack on the browser extension are facing delays in receiving compensation due to a technical issue with the Chrome Web Store. The company’s Chrome extension was temporarily removed from the store, which has slowed down the rollout of a key damage verification tool related to the incident.
According to Trust Wallet CEO Eowyn Chen, the extension was no longer available after the company encountered a bug in the Chrome Web Store while trying to release a new version. The delayed update was intended to introduce a verification feature to help victims of the Christmas hack confirm wallet ownership and securely submit refund claims.
Some may have noticed that the @trustwallet browser extension is temporarily unavailable in the Chrome Web Store. We encountered a bug in the Chrome Web Store while releasing a new version that includes a feature that helps refund requesters submit verification codes from their extension…
— Eowync.eth (@EowynChen) December 31, 2025
Attackers Exploited Fake Trust Wallet Update to Steal Funds
The outage comes as Trust Wallet continues to deal with the fallout from a security breach that began in late December. On December 25, the company confirmed that a malicious version of its Chrome browser extension, version 2.68, was distributed through the Chrome Web Store outside of the normal release process.
The compromised extension allowed attackers to access sensitive wallet data and conduct unauthorized transactions, resulting in millions of dollars in losses. Trust Wallet’s internal investigation shows that only users who installed version 2.68 and logged in to their wallets between December 24th and December 26th were affected.
Mobile app users, users of other extension versions, and users who installed or signed in after December 26 were not affected. The company said it identified 2,520 wallet addresses that were deleted during the incident, with approximately $8.5 million in assets linked to 17 wallets controlled by attackers.
Trust Wallet Cleans Up Extension Hack; Rise in Fake Compensation Scams
Trust Wallet attributed the breach to a broader supply chain attack called Sha1-Hulud that emerged in November and affected multiple companies through compromised developer tools. The company said exposed GitHub secrets and a leaked Chrome Web Store API key allowed the attacker to upload the malicious extension directly and bypass internal approval checks.
In response, Trust Wallet rolled back to a clean version, released version 2.69, and disabled compromised credentials for the release. A voluntary reimbursement system was also introduced, which was promised to all those found to be victims. A formal claims process was launched on December 29, requiring users to provide wallet addresses, transaction hashes, and identifying information through an official support portal.
According to the company, over 5,000 claims have been submitted, but the number of verified affected wallets is much lower, raising concerns that there could be duplicate or fake claims. This discrepancy led to the creation of another verification mechanism that was supposed to be provided with the next browser extension update, but was delayed by the Chrome Web Store issue.
Source: Chainalysis
The event continues to add to a growing number of wallet-related escapades in the crypto industry. Industry data shows that the proportion of personal wallet compromises has continued to increase with the proportion of stolen funds. For more information, visit https://cryptonews.com/news/trust-wallet-chrome-bug-delays-hack-reimbursement/
