What to Do If Your Crypto Wallet Is Hacked
If your wallet is hacked, act fast. This post outlines steps: move remaining funds to a new wallet, revoke token approvals, change passwords, and report to authorities and the blockchain project.
Discovering that your crypto wallet has been hacked is terrifying. But staying calm and taking immediate action can help you secure any remaining funds and potentially recover losses. Here is what you must do.
Step 1: Do Not Panic and Do Not Use the Wallet
The first rule is to stop using the compromised wallet immediately. Do not send any more funds to it. The hacker may have access to your private keys or seed phrase, and any new deposit can be stolen instantly.
Step 2: Move Remaining Funds to a New Wallet
If you still have any crypto in the wallet that the hacker hasn't taken, move it to a new, secure wallet. Create a new wallet on a different device or app, write down the new seed phrase offline, and transfer the funds. Prioritize high-value coins first. If you have token approvals on DeFi platforms, revoke them first (see step 3).
Step 3: Revoke Token Approvals
If you used your wallet with DeFi protocols, the hacker can use those approvals to drain tokens. Use a tool like Etherscan's token approval checker or Revoke.cash to revoke all approvals for the compromised wallet address.
Step 4: Change Passwords and Secure Accounts
Change the password for any exchange accounts linked to that wallet. Also change your email password and enable two-factor authentication on all accounts. If your seed phrase was stored online (e.g., in a cloud service), consider that compromised too.
Step 5: Report the Theft
File a report with your local police and cybercrime unit. Also report to the blockchain project's team (e.g., Ethereum, Solana) through their official channels. They may be able to blacklist the hacker's address or freeze funds if the exchange cooperates.
Step 6: Check for Malware
Your device may have malware that stole your keys. Run a full antivirus scan. If you suspect a keylogger, consider wiping your device and restoring from a clean backup.
Step 7: Learn from the Incident
Analyze how the hack happened. Was it a phishing email, a fake app, or a compromised browser extension? Understanding the cause helps prevent future attacks. Consider using a hardware wallet for long-term storage.
Remember, time is critical. The faster you act, the better your chances of minimizing damage. Even if you cannot recover lost funds, securing your identity and other assets is essential.