Guide - I Signed a Malicious Smart Contract
This guide will help people who have fallen victim to their wallet being drained. The aim is to minimise damage and then prepare to work with Centralised Exchanges (CEXs).
Last updated
This guide will help people who have fallen victim to their wallet being drained. The aim is to minimise damage and then prepare to work with Centralised Exchanges (CEXs).
Last updated
If you spot assets being transferred from multiple wallets (on the same seed phrase) then go to this section
Go to Revoke Cash to revoke all permissions on the compromised wallet. Start with your most valuable assets. Make sure you check across all of the blockchains that you have used. The example below shows Avalanche.
Once you have revoked access to any malicious contracts, you technically be fine.
If you wanted to be extra careful, you can always send your assets to a brand new wallet.
If you see that your funds have headed out to an exchange, then contact them immediately requesting a freeze. Provide them with the following:
Provide the CEX deposit address
Provide the transaction into the exchange (inc. time & date)
The transaction hashes from the theft
Any approvals (transaction hashes)
any other evidence they request (for example, a chart visualising where the funds went)
Report the matter to your local police force
Report the matter to your national police force
If required, seek assistance from a Lawyer. Lawyers can sometime subpoena an exchange quicker than the police. Please note that some exchanges will only work with law enforcement
If you're in urgent need of assistance, contact admin@intelligenceonchain.com
Assuming that your stolen assets end up on a centralised exchange (CEX), most of the time you're going to need an email from law enforcement, requesting the freezing of the suspected perpetrators account
The police have the powers to request the freezing of accounts or information from accounts.
In our experience, some exchanges will work with lawyers (but not all). Assuming your stolen assets end up in a Centralised Exchange (CEX) and the police are slow to react (which is sometimes the case) Lawyers might be able to offer a letter of demand (for information/freezing) or a subpoena.
Nothing is impossible but the degree of difficulty becomes much higher.
Beware of scammers: If you have publicly shared that your wallet was drained or you have an ENS address (like a .eth address) that is connected with your social profiles, you may be targeted for a follow up scam. If someone approached you and guarantees a return of stolen assets, with an up front cost - this is a scam!