How to Get Compensated If You Lost Funds in the Trust Wallet Chrome Hack

The Attack: What Happened Between December 24-26

A critical security breach affected Trust Wallet users who accessed the platform’s Google Chrome extension during a specific three-day window. Between December 24 and December 26, attackers successfully injected malicious code into the v2.68 release of the extension. This meant that anyone who logged in during this period had their seed phrases compromised and intercepted by the bad actors.

The total confirmed loss from this incident stands at approximately $7 million across affected users.

Step-by-Step Guide to Claiming Your Refund

Trust Wallet’s leadership, headed by CEO Eowyn Chen, has established an official reimbursement program for impacted users. Here’s what you need to do to claim compensation:

Access the Official Claims Portal: Visit the purpose-built domain set up specifically for reimbursement claims. Do not use any other website or link.

Prepare Your Information: You’ll need to gather:

• The email address associated with your account
• Your compromised wallet address
• The hacker’s wallet address
• The transaction hash(es) showing how your funds were drained
• Your current reimbursement amount
• Your new wallet address (where compensation will be sent)

Submit Your Claim: The application process is streamlined to minimize the paperwork involved. Fill in your details on the official dashboard and include your residence information, which authorities will use for potential criminal prosecution of the attackers.

Critical Warnings: Avoid Compensation Scams

Eowyn Chen and the Trust Wallet team have issued a stark warning: fraudsters are capitalizing on this situation by launching fake compensation programs.

Never share the following with anyone claiming to represent Trust Wallet’s reimbursement initiative:

• Your wallet passwords
• Personal identification data
• Your seed phrases or recovery words
• Credit card or banking information

The legitimate compensation program will never ask for these details.

Why This Hack Happened: The Technical Breakdown

Security researchers believe the breach exploited a vulnerability in Trust Wallet’s update distribution system. The most likely cause was a leak of API keys used to publish new versions of the extension on Google Chrome’s plugin marketplace. This allowed attackers to push a malicious update that harvested user credentials during the three-day window before the compromise was detected.

This incident underscores the importance of reviewing which applications have access to your crypto assets and remaining vigilant about security practices—even with established platforms.