Chrome Extension Attacks: Trust Wallet Hack & DarkSpectre Campaigns Revealed

This newsletter is AI-generated and may sometimes hallucinate 😊

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

  • A sophisticated Shai-Hulud supply chain attack against a third-party dependency used by the Trust Wallet Chrome extension resulted in the theft of approximately $8.5 million from users.
  • The attackers injected malicious code into the @trustwallet/web3-provider npm package, which was then pulled into the browser extension, allowing unauthorized access to users' crypto wallets.
  • The attack targeted users of the Trust Wallet browser extension, compromising private keys and draining assets, highlighting risks associated with software supply chain security for browser-based crypto wallets.

Source: The Hacker News | Date: December 20, 2025

DarkSpectre Browser Extension Campaigns Impact 8.8 Million Users

  • Researchers have uncovered two extensive DarkSpectre campaigns involving malicious browser extensions that have impacted approximately 8.8 million users globally.
  • These campaigns leverage trojanized extensions to steal sensitive user data, inject unwanted advertisements, and redirect web traffic without user consent.
  • The malicious extensions primarily target Chrome and Chromium-based browsers, often disguised as legitimate tools or productivity enhancers, prompting users to exercise extreme caution with new installations.

Source: The Hacker News | Date: December 19, 2025

Modified Shai-Hulud Worm Payload Found on npm Registry

  • Security researchers have detected a modified version of the Shai-Hulud worm's testing payload actively present on the npm registry, indicating ongoing development and preparation for future supply chain attacks.
  • This discovery suggests that the threat actors behind the Trust Wallet Chrome extension hack are refining their attack infrastructure and potentially planning new campaigns targeting software dependencies.
  • Developers and users of npm packages are advised to remain vigilant and implement strict supply chain security measures to prevent integration of malicious components into their projects.

Source: The Hacker News | Date: December 19, 2025
