Well, today I’ve got an alert by mail from bscscan informing my MetaMask address was sending tokens to some other address. By the time I got to my computer, the wallet was almost emptied, as I could check at the explorer.
Fortunately, my loss was “only” 0,50 BNB and 0,10 ETH (as they messed with both networks) because almost all my BSC tokens are farming or staking in different sites (which weren’t compromised as far as I know).
Earlier today I’ve installed a software to download music from Spotify and then uninstalled as my antivirus flagged it and mention some trojans “being prun.exe” the only I remember. After all, I’ve cleaned my PC, with three different softwares and cleaned the registry and it seems is now safe.
But:
My MetaMask still got some BEP20 tokens that weren’t stolen, but they are not much worth, so maybe the software didnt took them for low liquidity or not being convenient regarding fees.
My wallet does not show the out movements in the activity section, I can only see them checking bscscan explorer.
Does all this means I’ve should uninstall this wallet as they’ve got my private keys?
How is that even possible, as I’ve didn’t use them never, especially not these days?
How safe would be to create a new wallet, a new MetaMask account in this browser?
If I do so, how would I withdraw the LPs and tokens I have farming in different sites, as I have them connected with my actual compromised address?
Thanks very much in advance for your suggestions.