Its an odd one, the more i look into it…
I see i swapoed from bnb to busd, all fine, it showed up, then it vanished??
I looked on the transaction list, to see it was sent via my wallet address to another, but nothing else has been touched?
Im just in the process of moving my funds to a new metamask.
But i do have tokens staked which is going to cause issues im sure…
Has my metamask been compromised? As ive never given out my seed ect. Ive changed the password and deleted from my browser, but have a copy on my phone which i can use. But i dont want to risk looking at anything…
Would they have got my seed already? Or just managed to get in via my browser? And they dont know my password to reveal seed?
Okay now it seems this wallet is compromised. But not completely. Because it has interacted with an address that has malicious activity. Be careful how you connect your wallet to sites that you have not fully verified .
I see, i will still set up a new metamask, and wait until my vesting time ends before i try to unstake my tokens, from the current metamask. as they are locked for 6 months,
I cant think of any sites ive connected my wallet to that were untrustworthy…
I confirm that you have been cheated. This is the address you transferred to. Many people who have the same experience as you have been cheated by the same person.
Dang @mk1gti I’m so sorry this happened. It does sounds like you’re compromised. Getting a brand new wallet with new seed and all is probably your best bet.
You can review and revoke allowances on your current wallet. For ethereum mainnet I use revoke(dot)cash but I’ve never used one that’s for Binance Smart Chain. Looking around, it looks like people recommend allowance(dot)beefy(dot)finance but I can’t verify this and I’d suggest researching it. Revoking permissions for contracts could possibly help, but really getting that new wallet is going to be the safest move.
I should share, reviewing and/or revoking permissions is good to do and review pretty regularly. I try to review my wallet permissions weekly, revoking permissions from basically everything that I’ve interacted with that I’m not using at that moment. This is the same as what I shared above - check that Knowledge Base article.
There are so many ways to get compromised. I feel like I’m forever learning about security. A cold wallet isn’t a bad idea to add either. It’s basically like a set of keys someone would need to get in. Two well known ones are Trezor and Ledger. If you end up getting one, buy directly from these companies and not 3rd parties - there are scams this way too. Before you get one read up on them and understand what can be on them/can’t, how to use, etc.
Superb thank you so much, i do have a ledger, but as i say some of my tokens are locked in a launchpad, i just dont want to lose them if possible. I thought i was good at security i guess not. It could of been alot worse. Ive moved all my tokens to another account now.
I never knew about revoking. If i revok i guess if i need it back i can get it?
I do see one on bscan i dont like the look of… i only have a few on there, i will get rid of the one that looks funny.
You got it! I’m glad this wasn’t too bad for you and hoping all your tokens staked are ok. You could always try reaching out to that team to see if there is a way they could help you ( I’m sure you know this but just to share - don’t share seed - don’t share screen - etc, etc)
Reviewing/revoking permissions is a good tool. I saw someone recommend debank(dot)com too - again I can’t verify this one so research but I have seen it shared a bunch. That Knowledge Base article from MetaMask is a good resource. I try to revoke for everything when at all possible and yep, you can give permissions back - the only catch is this costs gas to do again.
I am not positive if revoking permissions if you’re staking on a site is an issue - I will try to find out this answer for my own learning purposes too! I’m with you - always learning here!
One more thing I wanted to share. You may totally already know this, so I apologize if so but just in case - in addition to revoking permissions, always making sure your accounts are disconnected from dapps is good practice too. This is different from revoking permissions. See this article for more information. Wishing you all the best! -