Crypto Wallet Hacked? Here's What to Do
RateMyWallets is reader-supported. When you buy through links on this page, we may earn a commission at no extra cost to you.

If your crypto wallet has been hacked, every minute matters. Follow these five steps in order to limit the damage and secure what is left. Act first, read the explanations after.
Step 1: Move Any Remaining Funds Immediately
If the wallet still has assets, move them to a new, clean wallet before doing anything else. Do not use any wallet that shares a seed phrase, which is a master recovery password consisting of 12 to 24 words used to access your funds, with the compromised one because the attacker has access to all wallets on that seed. Create a brand new wallet on a different device if possible, and write down the new seed phrase before transferring. Send everything, including tokens and NFTs. Time is the only variable you control at this stage.
Step 2: Revoke All Wallet Permissions
Even after moving funds, the compromised wallet may still have an active approval, which is a permission given to a decentralized finance application to move tokens on your behalf. These approvals allow the attacker to pull assets from connected protocols. Use a permissions checker to revoke all outstanding approvals on the compromised address. Read our full walkthrough on how to revoke wallet permissions. Revoking permissions prevents the address from being used to drain anything further.
Step 3: Understand How It Happened
Identifying the attack vector determines what else is at risk. Here is a brief overview of common causes:
- Seed phrase exposed: the entire wallet is drained quickly, and every wallet on that seed is permanently compromised.
- Private key exposed: a secret code that authorizes transactions for a single address, meaning only that one account is at risk.
- Malicious approval: a specific token is drained, but other assets may be safe.
- Phishing site: you connected your wallet to a fake site recently, so check all approvals immediately.
- Malware on device: multiple wallets could be affected, so do not use the device for any crypto activity.
Step 4: Abandon the Compromised Wallet Permanently
A wallet compromised at the seed phrase or private key level cannot be secured. Do not send funds back to it, and do not reuse it. Create a new wallet with a fresh seed phrase on a clean device. Store the new seed phrase securely offline before doing anything else. Read our guide on how to backup your crypto wallet for detailed instructions.
Step 5: Upgrade Your Security
A fresh start is an opportunity to choose a wallet with stronger security for your needs. Different wallets offer different tradeoffs between security, convenience, and supported assets. Our guide on hardware vs software wallets can help you understand the key differences. You can also compare wallets side by side or browse independent reviews to find the right fit. Regardless of which wallet you choose, use a dedicated device for crypto, never store your seed phrase digitally, and audit permissions regularly.
Step 6: Report the Incident
Cryptocurrency theft is rarely recoverable because blockchain transactions are irreversible. That said, filing a report with your local cybercrime authority (such as IC3.gov in the US or Action Fraud in the UK) contributes to pattern tracking and may be needed for insurance claims. If the attack involved a centralized exchange, contact their support immediately. Keep a record of transaction hashes, wallet addresses, and the exact timeline.
A hacked wallet is serious, but it is also a reset point. The steps above stop the damage, identify the cause, and set up a more secure foundation. Most hacks exploit one of a small number of attack vectors, and once you know which one, you can close it permanently.