Skip to main content

πŸ”’ What to Do If Your Wallet Is Compromised

Things to do if your wallet get compromised

Act in this exact order. Blockchain transactions are irreversible. Trust Wallet cannot recover stolen funds. These steps focus on stopping further loss.


Step 1 β€” Scan your device first

Do not create a new wallet until your device is confirmed clean. If malware or a keylogger is present, a new secret phrase generated on the same device is already compromised.

  • Run a full scan using reputable antivirus software (Malwarebytes, Bitdefender, or your platform's equivalent)

  • Remove any threats before continuing

  • If you cannot confirm your device is clean, use a different device for all remaining steps

Step 2 β€” Create a new wallet and move remaining funds

  1. Download Trust Wallet only from trustwallet.com/download

  2. Create a new wallet and write down the new 12-word secret phrase on paper. Do not store it digitally, screenshot it, or save it to cloud storage

  3. Transfer any remaining funds from the compromised wallet to your new wallet immediately

⚠️ Do not reuse the old secret phrase, PIN, or any password associated with the compromised wallet. Treat that wallet as permanently exposed.

Step 3 β€” Secure your online accounts

A compromised wallet is often connected to a broader account breach β€” particularly if your secret phrase was ever stored in email, Google Drive, iCloud Notes, or a messaging app.

  • Check for unauthorized activity in your email, cloud storage, and social media accounts

  • Visit haveibeenpwned.com to check if your email appears in known data breaches

  • Change passwords on any account that may have had access to your secret phrase

  • Enable two-factor authentication (2FA) on all accounts

Step 4 β€” Report the incident

Please report the incident with the following information:

  • Your wallet's public address

  • Transaction hashes of the unauthorized transfers

  • Any links, dApps, or contracts you interacted with before the incident

  • Screenshots or chat transcripts if a scammer was involved

  • Estimated value lost

If funds reached a centralized exchange, contact their compliance team directly with the transaction hash. File a report with your national cybercrime authority.

Step 5 β€” Reduce your risk going forward

  • Store your secret phrase offline only β€” written on paper, in a secure physical location. Never in email, screenshots, notes apps, or cloud drives

  • Use a hardware wallet for significant holdings

  • Never enter your secret phrase on any website or app β€” including ones claiming to be Trust Wallet support

  • Keep Trust Wallet updated β€” new versions include the latest Blockaid security patches and token denylists

πŸ’‘ The most common cause of wallet compromise is not a blockchain hack β€” it is the secret phrase being stored somewhere accessible: a screenshot in iCloud, a note in Google Keep, a photo sent over Telegram.

The phrase is the wallet.

Did this answer your question?