This guide will walk you through exactly what to do, step by step.

Do not send any more funds to the wallet. Any interaction could trigger bots or scripts that auto-drain your balance.

• If you still have funds in the wallet, you can try bridging or transferring them out quickly — but act fast and expect the attacker to be watching.

• Avoid using this wallet for any future swaps, bridges, or dApp interactions.

This is not an approval issue. This is someone else sending funds from your wallet, which requires private key access.

🚩 Key signs:

• ETH or tokens sent without you signing or approving anything

• Transfers show up as simple Transfer transactions (not contract calls)

• Funds leave immediately after arriving

In this example:

✅ Funds IN (green) — funds sent to the wallet (via Relay, in this case)

⚠️ Funds OUT (orange) — sent out from the wallet (via 3rd party with wallet access, in this case)

If you didn’t send this transaction, it’s a strong sign your wallet has been compromised.

• Use a trusted wallet provider

• Generate a completely new wallet

• Back up your seed phrase offline only — not in notes apps, screenshots, or cloud services

• Don’t import this wallet into untrusted browser extensions or platforms

It’s possible your device was compromised via malware, a phishing site, or a fake extension.

• Run a full antivirus or anti-malware scan

• Remove suspicious or untrusted browser extensions

• Be extra careful with links from Discord, Twitter, or airdrop claim pages

Caption: Delete any extensions you don’t remember installing or didn’t intentionally add.

If any tokens or ETH remain:

• Transfer them immediately to your new wallet

• Use a high gas fee to reduce the chance of being front-run

• Batch assets together if possible to reduce fees and delays

Consider the following:

• Did you ever paste your seed phrase into a website?

• Download an airdrop tool or wallet from an unofficial source?

• Import your wallet into a sketchy dApp or extension?

• Clicked a link in Discord, Twitter, or Telegram?

Even if you’re unsure — it’s worth changing behavior now to protect future funds.

To avoid future issues:

• Use a hardware wallet like Ledger or Trezor for storage

• Split funds across:

• A hot wallet for daily activity (bridging/swapping)

• A cold wallet for savings

• Bookmark trusted dApps — never follow links from social media

If you’re unsure — but something feels off — it’s better to act early than lose more later.

Setting up a new wallet and securing your device only takes a few minutes — and could prevent a much larger loss.

It’s a small investment of time for major peace of mind.

🛑 [ ] Stopped using the compromised wallet

🔍 [ ] Checked for unauthorized transfers on a block explorer

🆕 [ ] Created a brand new wallet

📝 [ ] Stored your new seed phrase securely (offline!)

🧹 [ ] Scanned your device for malware or suspicious extensions

💸 [ ] Moved remaining funds to your new wallet

🤔 [ ] Reflected on what might have caused the compromise

🛡️ [ ] Set up stronger wallet security (cold vs hot wallet split)

📬 [ ] Reached out to support if you need help reviewing activity

🧠 Even if you’re unsure, completing this checklist takes just a few minutes — and could prevent much bigger losses later.