Security incidents, vulnerabilities, and data breaches affecting Ethereum wallets
BankrBot reported that several users had their wallets compromised and drained. The root cause and full scope of the breach have not yet been disclosed. Transactions have been disabled as a precautionary measure while the team investigates.
Global-e, an independent e-commerce platform used by Ledger.com, experienced unauthorized access to their cloud systems. Personal data including names and contact information of Ledger customers who made purchases through Global-e were improperly accessed. No payment information, account credentials, or passwords were compromised.
A malicious version of Trust Wallet Browser Extension (v2.68) was published to the Chrome Web Store on December 24, 2025, through a compromised API key. The attack, linked to the industry-wide Sha1-Hulud supply chain incident, affected users who logged in during December 24-26, 2025. Approximately 2,520 wallet addresses were impacted with $8.5M in losses. Trust Wallet has committed to reimbursing all affected users.
Know about a security incident affecting a wallet? Please help by contributing to our repository!
