Trust Wallet Browser Extension Security Incident Explained and Why LUNC Users Must Be Careful
Recent reports have raised serious concerns about the security of the Trust Wallet browser extension.
Community investigations initially suggested that a supply chain attack may have been introduced
through an update released on December 24. According to multiple reports, users who imported their
seed phrases into the extension experienced immediate and unauthorized wallet draining.
More than six million dollars in digital assets are believed to have been stolen, with exploiters
using multiple wallet addresses to distribute the funds. These early findings led to widespread
warnings advising users to stop using the Trust Wallet browser extension until official clarification
was provided.
Official Statement From Trust Wallet
Trust Wallet has since released an official statement addressing the incident. According to the
company, the security issue affects only a specific version of the browser extension.
Trust Wallet stated that they have identified a security incident impacting Trust Wallet Browser
Extension version 2.68 only. Users running browser extension version 2.68 are advised to disable
it immediately and upgrade to version 2.69.
The company also confirmed that mobile only users are not impacted by this incident. Additionally,
all other browser extension versions outside of version 2.68 are reported to be unaffected.
Trust Wallet acknowledged the seriousness of the situation and stated that their team is actively
working on resolving the issue. They also confirmed that further updates will be shared as soon
as possible.
What Security Researchers Observed
Before the official clarification, security researchers and community members analyzing the issue
pointed to a file within the extension code named 4482.js. Reports indicated that a recent update
added hidden code that silently transmitted wallet related data outside the extension.
This code allegedly posed as analytics functionality while monitoring wallet activity. It reportedly
triggered when a seed phrase was imported, sending sensitive data to an external domain identified
as metrics trustwallet dot com.
The domain was reportedly registered only days before the incident and later taken offline, raising
further suspicion. An alleged message linked to the attacker stated, “He who controls the spice
controls the universe,” which reinforced concerns about deliberate malicious intent.
Why This Matters for the LUNC Community
This incident is especially important for the Terra Classic community because Trust Wallet is widely
used for storing and transacting LUNC. Many community members rely on the browser extension for
everyday transactions, staking interactions, and wallet access.
Although Trust Wallet has confirmed that only browser extension version 2.68 is affected, LUNC
holders are urged to double check their wallet version immediately. Users who imported seed phrases
into the affected version may face increased risk.
Until the situation is fully resolved and independently verified, caution remains essential. The
LUNC community is encouraged to prioritize wallet security, avoid unnecessary seed phrase imports,
and use only verified and updated wallet software.
Protecting private keys and seed phrases is critical. Once exposed, funds can be drained instantly
and irreversibly. Staying informed and following official security guidance is essential for
safeguarding LUNC assets and maintaining trust across the Terra Classic ecosystem.
