2025-12-30 16:30:23

#战略性加仓BTC Browser wallet has experienced another major issue, and this time it's quite serious!

Holders of $BNB, $SOL, and $ZEC tokens should be especially cautious—if you're using a popular wallet browser extension and haven't updated it promptly, you might have already been affected.

Here's what happened: From December 24 to 26, 2025, the wallet version v2.68 was targeted in a supply chain attack (codename Sha1-Hulud). Attackers gained publishing rights to the browser store through leaked GitHub credentials, and a malicious update was pushed that embedded code to steal API keys. The result? Over 2,520 wallet addresses were compromised, with losses approaching $8.5 million. This is a continuation of the supply chain incident from November—clearly, security defenses still have vulnerabilities.

Current situation:

· The problematic version is v2.68
· Confirmed stolen assets amount to $8.5 million
· The official team has released v2.69 patch, revoking the compromised credentials
· Over 5,000 claim submissions have been received and are under review

If you haven't acted yet, now is the time:

1. Quickly transfer your assets to a new wallet
2. Fill out the claim form on the official site
3. Upgrade your extension to v2.69 or a newer version

The wallet team says they are optimizing the compensation verification process and have already contacted some victims. But honestly, repeated incidents like this do raise concerns about the security of browser extensions. Have you upgraded yet? Or have you already been affected? Let's discuss in the comments.

BTC0,77%

BNB1,7%

SOL5,4%

ZEC4,47%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

26 Likes

Reward
26
9
Repost
Share

Comment

0/400

GhostAddressMiner

· 01-02 14:53

$8.5 million vanished overnight... Once again, it's the same old trick with GitHub credentials. The question is, where are the 2,520 compromised addresses now? The on-chain footprints are definitely still there; it all depends on who tracks the movement of those funds.

View OriginalReply0

ExpectationFarmer

· 01-02 09:47

Oh no, here we go again. I've already switched to a hardware wallet, forget it. --- Once again and again, I really should reflect on whether browser extensions are reliable. --- $8.5 million just lost like that? Claiming compensation will have to wait until the Year of the Monkey. --- I told you not to fully trust browser wallets. I should have transferred to a cold wallet long ago. --- So many people got caught in this round, it's really exhausting, and now they have to fill out forms. --- Even basic mistakes like leaking GitHub credentials can happen, I'm convinced. --- Hurry up and upgrade to v2.69, but honestly, I'm a bit hesitant to use this extension now. --- Does anyone have any recommended wallets that won't explode in a scandal? I'm really scared after being scammed. --- $8.5 million, the official must be taking a big hit now. Future compensation might be discounted. --- Here we go again, my confidence has plummeted.

View OriginalReply0

Blockblind

· 2025-12-31 18:12

I knew this wallet was suspicious, and it happened again? Truly outrageous --- v2.68, uninstall quickly, but to be honest, browser wallets are inherently risky --- Lost 8.5 million, huh, this compensation review will probably be a hassle again --- Fortunately, I’ve always stored my funds in a cold wallet, just watching the joke --- Brothers, what era are we in? Still using browser extensions? I switched to a hardware wallet long ago --- Is this compensation reliable? Feels like the official can easily shift blame --- 5,000 claim applications, haha, this review will probably take forever --- I didn’t get caught, but it’s annoying to watch. Let’s switch wallets, everyone

View OriginalReply0

YieldWhisperer

· 2025-12-30 16:59

actually wait... 8.5M on 2520 wallets? that's like 3370 per wallet average. the math doesn't check out here ngl

Reply0

DuskSurfer

· 2025-12-30 16:52

Another one? This industry is really surreal. Damn, twice in a month, is the review defense line completely useless? Hurry up and upgrade to 2.69, cold wallets are the real boss. Over five thousand compensation claims are piling up, this compensation will have to wait until the Year of the Monkey. Fortunately, I cleared out my hot wallet long ago; I've seen this kind of thing many times. Browser extensions are a minefield; anyone who uses them gets hacked.

View OriginalReply0

zkProofGremlin

· 2025-12-30 16:47

Damn, another one? This security defense line is too weak, repeatedly failing again and again. Hurry up and transfer your funds, don't delay. Browser wallets are feeling more and more unreliable. Uninstall version 2.68 directly, upgrade to 2.69, then transfer all assets to a cold wallet. 2520 addresses were compromised, losing 8.5 million dollars. This is no small matter... Have you filled out the claim form? Just waiting around won't do. Why is it always this kind of crappy situation? I'm really convinced. Does anyone still dare to use browser extension wallets?

View OriginalReply0

ProxyCollector

· 2025-12-30 16:45

Damn, another one? Browser wallets are really a minefield. Really, hardware wallets are the safest. I don't use these extensions anymore. $8.5 million just disappeared like that. How many people must be losing their minds? Update v2.68, uninstall it quickly. It’s already upgraded to 69. This is just too ridiculous. I've always said not to put all your eggs in one basket. The defense line for wallets is just too thin. By the way, how much can this claim actually compensate? How can they review 5,000 applications? If this time it’s a large holder of BNB or SOL, they’re probably going to cry their eyes out. Just move the coins elsewhere. Again with GitHub credential leaks... The internal security of this company is really worrying. I'm angry. I just transferred my coins last week. Can't be this unlucky, right?

View OriginalReply0

AirdropHunterZhang

· 2025-12-30 16:45

I was just saying when it would explode. Repeatedly, this browser wallet really is a good tool for cutting leeks... Hurry up and run away, transfer your coins to a cold wallet, and don't wait to be left with nothing.

View OriginalReply0