← Back to Problems/Wallet Compromised / Funds Drained

Advanced Help ModeRECOMMENDED

Connect your wallet to get diagnostics tailored to your exact transaction history, approvals, and chain activity.

Approval scanner
TX diagnostics
Live support
Connect Wallet
Seed & RecoveryCritical Severity

Wallet Compromised / Funds Drained

Suspicious activity detected — tokens moved without your authorization.

HackCompromiseRecovery
// OVERVIEW

This guide covers 5 verified steps to resolve "Wallet Compromised / Funds Drained". Follow each step in order before moving to the next. If the steps below don't resolve your issue, use the community support options at the bottom of this page.

// STEP_BY_STEP_FIX5 steps
01

Stop Further Damage Immediately

Do NOT try to send more tokens to the compromised wallet. The attacker likely has a bot monitoring it. Any new deposits will be swept instantly.

02

Create a New Wallet OFFLINE

On a clean device (never connected to internet), create a new wallet. Write down the seed phrase on paper — do not photograph or type it digitally.

03

Rescue Remaining Assets

If any tokens remain, you need to move them before the attacker's bot does. Use a "sweeper" script or Flashbots bundle to frontrun the attacker. This is complex — seek help in official protocol Discords.

04

Identify the Attack Vector

How were you compromised? Phishing site? Malicious contract approval? Leaked seed phrase? Identifying the source prevents it from happening again. Check revoke.cash for unauthorized approvals.

05

Report and Document

Report to: the platform where scam occurred, local cybercrime authorities, and crypto scam databases (chainabuse.com). Document all transaction hashes for any future legal action.

// RECOMMENDED_TOOLS
Revoke.cash
Chainabuse.com
Flashbots
// STILL_STUCK

Join Community Discord

Post your issue in #wallet-support with your tx hash

Check on Etherscan

Look up your transaction hash to see the exact error

MetaMask Official Support

For wallet-specific issues, open a ticket with MetaMask