Act in this exact order. Blockchain transactions are irreversible. Trust Wallet cannot recover stolen funds. These steps focus on stopping further loss.
Step 1 β Scan your device first
Do not create a new wallet until your device is confirmed clean. If malware or a keylogger is present, a new secret phrase generated on the same device is already compromised.
Run a full scan using reputable antivirus software (Malwarebytes, Bitdefender, or your platform's equivalent)
Remove any threats before continuing
If you cannot confirm your device is clean, use a different device for all remaining steps
Step 2 β Create a new wallet and move remaining funds
Download Trust Wallet only from trustwallet.com/download
Create a new wallet and write down the new 12-word secret phrase on paper. Do not store it digitally, screenshot it, or save it to cloud storage
Transfer any remaining funds from the compromised wallet to your new wallet immediately
β οΈ Do not reuse the old secret phrase, PIN, or any password associated with the compromised wallet. Treat that wallet as permanently exposed.
Step 3 β Secure your online accounts
A compromised wallet is often connected to a broader account breach β particularly if your secret phrase was ever stored in email, Google Drive, iCloud Notes, or a messaging app.
Check for unauthorized activity in your email, cloud storage, and social media accounts
Visit haveibeenpwned.com to check if your email appears in known data breaches
Change passwords on any account that may have had access to your secret phrase
Enable two-factor authentication (2FA) on all accounts
Step 4 β Report the incident
Please report the incident with the following information:
Your wallet's public address
Transaction hashes of the unauthorized transfers
Any links, dApps, or contracts you interacted with before the incident
Screenshots or chat transcripts if a scammer was involved
Estimated value lost
If funds reached a centralized exchange, contact their compliance team directly with the transaction hash. File a report with your national cybercrime authority.
Step 5 β Reduce your risk going forward
Store your secret phrase offline only β written on paper, in a secure physical location. Never in email, screenshots, notes apps, or cloud drives
Use a hardware wallet for significant holdings
Never enter your secret phrase on any website or app β including ones claiming to be Trust Wallet support
Keep Trust Wallet updated β new versions include the latest Blockaid security patches and token denylists
π‘ The most common cause of wallet compromise is not a blockchain hack β it is the secret phrase being stored somewhere accessible: a screenshot in iCloud, a note in Google Keep, a photo sent over Telegram.
The phrase is the wallet.
