Recent security incidents in the non-custodial wallet sector have been frequent. On December 26, the official Trust Wallet, the non-custodial crypto wallet with the largest user base, issued a security alert confirming that version 2.68 of the browser plugin contains a serious security vulnerability. According to on-chain security researchers, hundreds of Trust Wallet users have been threatened with asset loss due to this vulnerability.

Looking back at the security situation of plugin wallets this year, there have been quite a few issues. In addition to official vulnerabilities, fake software and phishing attacks continue to trouble users—many have accidentally installed counterfeit versions from browser extension stores or downloaded wallet software with malicious code from fake websites, resulting in private keys and assets being directly stolen. Compared to this, the number of confirmed official vulnerabilities is relatively small, but when they do occur, the impact is often widespread.

If you are using the Trust Wallet browser plugin, it is recommended to take immediate action: update to the latest version as soon as possible, check the official security announcements for detailed fixes; also review recent account activity to see if there are any abnormal transactions; if necessary, consider transferring important assets to a hardware wallet or other secure solutions. Additionally, always download wallets through official channels to avoid counterfeit software. Web3 security is no small matter—any oversight could lead to the loss of digital assets.