A major cryptocurrency theft case involving approximately $7 million has resurfaced after new revelations exposed the alleged perpetrators, not through law enforcement action, but due to an internal conflict within the hacking group itself. The incident dates back to December 2025, when users of Trust Wallet, a wallet officially associated with Binance, fell victim to a malicious Google Chrome browser extension. The attack compromised user assets across 37 different tokens, resulting in losses estimated at around $7 million USD.
At the time, Binance co-founder Changpeng Zhao publicly stated that the company would fully compensate affected users. This commitment was later fulfilled.
Internal Conflict Leads to Exposure
The group allegedly responsible for the attack has been exposed following a dispute between members of the organization. According to information circulating in a viral post on X, the whistleblower, a former insider, released detailed evidence after a disagreement with company leadership over profit-sharing and unpaid severance. The firm named in the allegations is Wuhan Anshun Technology, a Wuhan-based company that publicly presents itself as a cybersecurity service provider specializing in vulnerability research and network defense training.
However, the whistleblower claims the company secretly conducted long-term crypto theft operations targeting digital wallets, including Trust Wallet.
Evidence Released
The leaked materials reportedly include internal chat records detailing coordination of the attack, technical documentation explaining how the malicious Chrome extension was deployed, transaction data showing the movement of stolen funds, and screenshots tracking asset transfers from victims. The whistleblower has also stated intentions to surrender to authorities and provide all evidence directly to law enforcement. They posted it on WeChat but have since deleted it.
Call for Legal Action
The viral post directly tagged Changpeng Zhao, stating that with strong evidence now available, Binance has grounds to pursue legal action and potentially recover the stolen funds. While Binance’s compensation helped reduce immediate financial damage to users, the latest developments highlight the challenges of tracing and prosecuting cybercriminals in the cryptocurrency ecosystem. This is especially difficult when operations are hidden behind legitimate business fronts. Further investigation by authorities is expected following the whistleblower’s reported intention to cooperate.
