The two primary ways to get hacked in crypto are: (1) giving away your seed phrase to a third party who can access your wallet, and (2) connecting your wallet to a malicious site, giving it the authorization to make transactions on your behalf.
When people complain about their wallet being hacked and are adamant that they did nothing to expose themselves to the risk, 99% of the time it’s because they’ve left an authorization open from a prior transaction which was exploited by a bad actor. Sometimes the funds may be immediately withdrawn from your wallet after you’ve connected to the site and given it approval, and other times the hacker may not exploit the authorization for weeks or months after it was initiated - it may be that you connected to a reputable site, and the authorization was exploited at a later date or the hacker might have been waiting for you to send more crypto to your wallet.
Many people believe that if you disconnect your wallet from a site or app, you’ve neutralized the risk of that site accessing your wallet. This is not the case. Disconnecting the wallet from the site or app makes no difference if an authorization to make transactions in your wallet remains open. You only neutralize the risk by revoking the authorization that you granted. Many people aren’t aware of this, and are blissfully ignorant of the fact that their wallets have authorizations open that can be exploited at any time - I bet many of you reading this are in this situation right now. When I first checked, I had three random authorizations open I wasn’t aware of.
Fortunately, if you know what you’re doing, removing this authorisation is actually quite easy.
Go to revoke.cash (there are other sites that do this, but I’ve used this site for a while and I trust it).
Put your public address into the bar on the top of the page (don’t connect your wallet just yet). If you use different accounts within your wallet, you’ll obviously need to do this exercise for the public address of each of them.
Scroll down and see what authorizations are open against your wallet. You’ll need to toggle through each of the different networks (Ethereum, BSC, Polygon etc) to make sure you’ve caught them all.
If you spot an authorisation you’re not familiar with, or you’re worried about, connect your wallet and click revoke. You can investigate the authorization by clicking on the address that has been given the authorization. You’ll need to pay gas fees to revoke the authorization.
It is good practice to review your authorisations frequently (I do it weekly). Revoke.cash may show you some random tokens in your wallet that you weren’t aware you had - basically airdrops of coins to your wallet without your knowledge. Ignore these - don’t try and import them into your wallet or go to a website looking to find out more about them. They are very likely scam coins airdropped to you by hackers looking for you to interact with them.
Remember not all authorizations are bad; for example, you may have a limit order open on 1nch, and you may need an authorization open for that in order for that limit order to be filled. If you revoke it, your limit order will not get filled.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments