{"id":10209,"date":"2025-12-28T17:26:03","date_gmt":"2025-12-28T17:26:03","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=10209"},"modified":"2025-12-28T17:26:03","modified_gmt":"2025-12-28T17:26:03","slug":"hackers-compromise-belief-pockets-chrome-extension-customers-declare-hundreds-of-thousands-stolen","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=10209","title":{"rendered":"Hackers Compromise Belief Pockets Chrome Extension, Customers Declare Hundreds of thousands Stolen"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p>Belief Pockets customers suffered devastating losses exceeding $7 million after cybercriminals compromised the<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/gbhackers.com\/dataspii-browser-extensions-steals-data\/\" target=\"_blank\" rel=\"noreferrer noopener\"> Chrome browser extension<\/a> model 2.68.0, launched on December 24, 2025. <\/p>\n<p>The breach, which focused desktop customers completely, left a whole lot of wallets utterly drained inside hours of the malicious replace\u2019s deployment.<\/p>\n<p>Blockchain investigator ZachXBT initially flagged the incident on the social media platform X, noting a suspicious spike in unauthorized fund transfers from affected addresses instantly after person interactions with the compromised extension. <\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<div class=\"embed-twitter\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">\ud83d\udea8 Safety Alert<\/p>\n<p>It seems that the <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/TrustWallet?ref_src=twsrc%5Etfw\">@TrustWallet<\/a> browser extension might have been compromised through a supply-chain assault within the Dec 24 replace.<\/p>\n<p>Stories point out that importing a seed phrase into the extension can lead to rapid pockets draining.<\/p>\n<p>\u26a0\ufe0f Do NOT use the Belief\u2026 <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/t.co\/D2ZMnnkyvj\">pic.twitter.com\/D2ZMnnkyvj<\/a><\/p>\n<p>\u2014 Akinator | Testnet Arc (@0xakinator) <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/0xakinator\/status\/2004273944694587785?ref_src=twsrc%5Etfw\">December 25, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/div>\n<\/figure>\n<p>Victims started reporting the thefts on Christmas Eve, sharing screenshots exhibiting portfolios emptied of Ethereum, <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/gbhackers.com\/hacker-arrested-for-taking-over-sec-social-media\/\" target=\"_blank\" rel=\"noreferrer noopener\">Bitcoin<\/a>, Solana, and Binance Coin holdings.<\/p>\n<p>One sufferer reported shedding $300,000 inside minutes after performing routine authorization by way of the extension, with stolen belongings redirected to a number of attacker-controlled addresses. <\/p>\n<p>Safety agency PeckShield initially estimated losses at $6 million. Nevertheless, Belief Pockets later confirmed that roughly $7 million had been stolen throughout a whole lot of compromised wallets.<\/p>\n<p>Safety researchers recognized malicious code embedded in a JavaScript file named 4482.js that masqueraded as reliable PostHog analytics software program. <\/p>\n<p>The obfuscated script activated when customers imported seed phrases, silently exfiltrating delicate pockets credentials and restoration phrases to api.metrics-trustwallet.com a fraudulent area registered mere days earlier than the assault and designed to imitate official Belief Pockets infrastructure.<\/p>\n<p>The assault demonstrated subtle coordination, with menace actors concurrently launching phishing campaigns through domains equivalent to fix-trustwallet.com. <\/p>\n<p>These fraudulent websites exploited person panic by providing pretend \u201cvulnerability fixes\u201d that prompted customers to enter their seed phrases, enabling prompt pockets drainage.<\/p>\n<p>Belief Pockets acknowledged the safety breach on December 25 through X, confirming the compromise affected solely model 2.68.0. <\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<div class=\"embed-twitter\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">\ud83d\udea8 Safety Alert<\/p>\n<p>It seems that the <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/TrustWallet?ref_src=twsrc%5Etfw\">@TrustWallet<\/a> browser extension might have been compromised through a supply-chain assault within the Dec 24 replace.<\/p>\n<p>Stories point out that importing a seed phrase into the extension can lead to rapid pockets draining.<\/p>\n<p>\u26a0\ufe0f Do NOT use the Belief\u2026 <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/t.co\/D2ZMnnkyvj\">pic.twitter.com\/D2ZMnnkyvj<\/a><\/p>\n<p>\u2014 Akinator | Testnet Arc (@0xakinator) <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/twitter.com\/0xakinator\/status\/2004273944694587785?ref_src=twsrc%5Etfw\">December 25, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/div>\n<\/figure>\n<p>The corporate instructed customers to instantly flip off the extension and replace to model 2.69. <\/p>\n<p>Belief Pockets pledged full refunds to victims and warned customers towards responding to unofficial direct messages claiming to supply help.<\/p>\n<p>Binance co-founder Changpeng Zhao urged potential insider involvement within the breach, elevating questions on inner safety controls. <\/p>\n<p>The incident highlights vital supply-chain vulnerabilities in <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/gbhackers.com\/public-perception-of-bitcoin-and-crypto-coins\/\" target=\"_blank\" rel=\"noreferrer noopener\">cryptocurrency <\/a>extensions, the place computerized updates can bypass person verification. <\/p>\n<p>Cybersecurity specialists advocate that affected customers create new wallets and punctiliously confirm all future extension updates.<\/p>\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(135deg,rgb(238,238,238) 100%,rgb(169,184,195) 100%)\"><strong>Observe us on\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/news.google.com\/publications\/CAAqKAgKIiJDQklTRXdnTWFnOEtEV2RpYUdGamEyVnljeTVqYjIwb0FBUAE?hl=en-IN&amp;gl=IN&amp;ceid=IN%3Aen\" target=\"_blank\" rel=\"noreferrer noopener\">Google Information<\/a>,\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/cyber-threat-intel\/\" target=\"_blank\" rel=\"noreferrer noopener\">LinkedIn<\/a>, and\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/The_Cyber_News\" target=\"_blank\" rel=\"noreferrer noopener\">X<\/a>\u00a0to Get Immediate Updates and Set GBH as a Most well-liked Supply in\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.google.com\/preferences\/source?q=https:\/\/gbhackers.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Google<\/a>.<\/strong><\/p>\n<\/div>\n<p><template id="H0BNraFLOntjk3wGdr9T"></template><\/script><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Belief Pockets customers suffered devastating losses exceeding $7 million after cybercriminals compromised the Chrome browser extension model 2.68.0, launched on December 24, 2025. The breach, which focused desktop customers completely, left a whole lot of wallets utterly drained inside hours of the malicious replace\u2019s deployment. Blockchain investigator ZachXBT initially flagged the incident on the social [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":10211,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[1624,5675,1429,3461,554,501,5551,2090,342,663],"class_list":["post-10209","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-chrome","tag-claim","tag-compromise","tag-extension","tag-hackers","tag-millions","tag-stolen","tag-trust","tag-users","tag-wallet"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/10209","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10209"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/10209\/revisions"}],"predecessor-version":[{"id":10210,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/10209\/revisions\/10210"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/10211"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10209"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10209"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10209"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- This website is optimized by Airlift. Learn more: https://airlift.net. Template:. Learn more: https://airlift.net. Template: 69d9690a190636c2e0989534. Config Timestamp: 2026-04-10 21:18:02 UTC, Cached Timestamp: 2026-05-15 15:43:33 UTC -->