Guide - I Signed a Malicious Smart Contract

This guide will help people who have fallen victim to their wallet being drained. The aim is to minimise damage and then prepare to work with Centralised Exchanges (CEXs).

If you spot assets being transferred from multiple wallets (on the same seed phrase) then go to this section

Quick Guide

  1. Go to Revoke Cash to revoke all permissions on the compromised wallet. Start with your most valuable assets. Make sure you check across all of the blockchains that you have used. The example below shows Avalanche.

  1. Once you have revoked access to any malicious contracts, you technically be fine.

  2. If you wanted to be extra careful, you can always send your assets to a brand new wallet.

  3. If you see that your funds have headed out to an exchange, then contact them immediately requesting a freeze. Provide them with the following:

  • Provide the CEX deposit address

  • Provide the transaction into the exchange (inc. time & date)

  • The transaction hashes from the theft

  • Any approvals (transaction hashes)

  • any other evidence they request (for example, a chart visualising where the funds went)

  1. Report the matter to your local police force

  2. Report the matter to your national police force

  3. If required, seek assistance from a Lawyer. Lawyers can sometime subpoena an exchange quicker than the police. Please note that some exchanges will only work with law enforcement

If you're in urgent need of assistance, contact admin@intelligenceonchain.com

Why do I need to report to the Police?

Assuming that your stolen assets end up on a centralised exchange (CEX), most of the time you're going to need an email from law enforcement, requesting the freezing of the suspected perpetrators account

The police have the powers to request the freezing of accounts or information from accounts.

Why would I need a lawyer then?

In our experience, some exchanges will work with lawyers (but not all). Assuming your stolen assets end up in a Centralised Exchange (CEX) and the police are slow to react (which is sometimes the case) Lawyers might be able to offer a letter of demand (for information/freezing) or a subpoena.

Will I get my money back without either a lawyer or law enforcement?

Nothing is impossible but the degree of difficulty becomes much higher.

Beware of scammers: If you have publicly shared that your wallet was drained or you have an ENS address (like a .eth address) that is connected with your social profiles, you may be targeted for a follow up scam. If someone approached you and guarantees a return of stolen assets, with an up front cost - this is a scam!

Last updated