Trust Wallet is one of the leading and most secure mobile crypto wallets on both Android and iOS platforms.
Even as secure as crypto wallets or exchanges can be, they are still prone to hacks since these wallets need to connect to the internet to work.
In recent times, cryptocurrency-related apps (including wallets and exchanges) and investors have become a prime target for hackers since cryptocurrency transactions are irreversible and provide anonymity to a good extent.
If you suspect that your wallet on Trust Wallet has been hacked by a malicious party, you have to act fast to save your funds if they haven’t been transferred out already and in this article, you will learn about some steps you can take (quickly!) if you suspect that your wallet has been compromised.
- 1 Can Trust Wallet Be Hacked?
- 2 How To Know If You’ve Been Hacked?
- 3 What To Do If Your Trust Wallet Was Hacked
- 4 How To Secure Your Wallet On Trust Wallet & Reduce The Chances Of Getting Hacked Again
- 4.1 1) Never Share Your Secret Recovery Phrase With Anyone. Ever!
- 4.2 2) Backup Your Recovery Phrase Securely (Preferably Offline)
- 4.3 3) Do Not Approve Connection To Sketchy Websites/DApps On Your Wallet
- 4.4 4) Only Download Trust Wallet From The Official App Stores
- 4.5 5) Store Large Amounts Of Crypto On Cold Wallets
- 5 Wrapping Up
Can Trust Wallet Be Hacked?
Trust Wallet is one of the most secure decentralized crypto wallets out there and even with the level of security and privacy provided by the platform, it can still be hacked since it is connected to the internet.
One of the most popular ways your wallet on Trust Wallet can be hacked is if your give your Trust Wallet secret recovery phrase to a scammer or a hacker somehow finds the recovery phase you didn’t back it up securely.
In simple terms, anyone who has the recovery phrase of your wallet has FULL unrestricted access to all the crypto assets on the wallet and can transfer these assets out to another wallet(s) at any time. This is why you should never share your recovery phrase with anybody and store it securely.
Other ways your crypto wallet on Trust Wallet can be compromised include approving malicious smart contracts with the unlimited spend/allowance function, malware (including the popular wallet address hijacking malware), phishing scams, and more.
How To Know If You’ve Been Hacked?
If you get notifications from Trust Wallet about funds being transferred out of your wallet or if you give your secret recovery phrase to someone else, your wallet has probably been compromised without your knowledge.
Also, if you have purchased crypto on Trust Wallet in the past with your credit/debit card and you notice transactions on your bank account from Trust Wallet payment partners like Simplex and Moonpay, you might have been hacked.
In summary, if you notice anything unusual on Trust Wallet, then your wallet may have been compromised. It’s as simple as that.
What To Do If Your Trust Wallet Was Hacked
If you think your wallet on Trust Wallet has been compromised because you gave out your recovery phrase or maybe your wallet was hacked with malware on your device, then you should act fast to save whatever is left of your wallet.
As you should know by now, cryptocurrency transactions are not reversible and if the coins/tokens have already been transferred to an external wallet address (usually the hacker/scammer’s own), then there is almost nothing you can do about it.
Below are some of the things you can do if you suspect that your Trust Wallet has been hacked.
1) Create Another Wallet And Transfer Your Funds There Fast!
If you gave a scammer your Trust Wallet recovery phrase, the best action to take is to create another multi-coin wallet on the Trust Wallet app and transfer all your coins and token there if your wallet hasn’t been wiped by the scammer/hacker.
Creating a new wallet on the Trust Wallet app is quite easy. All you have to do is click on [Settings], then select [Wallets]. On the Wallets page, tap on the [+] icon on the top right corner and tap on [Create New Wallet] to create another wallet.
Once the wallet has been created, backup your recovery phrase securely and copy the wallet address of the new wallet. After that, switch back to the compromised wallet and transfer all your funds to that address.
Take note of the funds you’re sending to the address. For Bitcoin, copy the Bitcoin address of the new wallet and transfer all your Bitcoin there. Repeat this process for each coin/token you have on the compromised wallet.
If you send Bitcoin to an incompatible address (e.g an ETH wallet address) and vice versa, you will lose your Bitcoin. This also applies to other cryptocurrencies.
2) Scan Your Device For Malware
If you didn’t give anyone your recovery phrase and you’re sure the recovery phrase is stored securely where no one can access it, then your wallet was probably compromised due to malware.
While malware is not quite popular on mobile operating systems like Android and iOS unlike on desktop operating systems like Windows, your device can still be infected by malware.
If you suspect that your device has been infected with malware that targets crypto wallets, we recommend that you create a new wallet on another device (it could be your PC or another smartphone) then send all your crypto there if it hasn’t been transferred already by the hacker.
After that, download any of the most popular mobile anti-virus apps (e.g Avast, Kapersky, Avira e.t.c) and scan your device to see if it does detect any malware on your phone.
If the anti-virus does not detect any malware on your phone, you can try factory resetting the device to wipe out any malicious app/script your phone might be infected with. Remember to backup all your important files/data before factory resetting your phone.
Once you reset your phone, re-install Trust Wallet and create a new wallet. Then transfer your funds there once more to continue using Trust Wallet. You can also import the new wallet you created into Trust Wallet using the wallet’s recovery phrase.
3) Try Tracing The Transaction Via A Blockchain Explorer
If your funds have already been transferred by the hacker to an external wallet, there is very little you can do but not nothing.
Since all crypto transactions are public, you can trace all the transactions made by the hacker to see the wallet your funds were moved to. For Bitcoin, use the Blockchain explorer by Blockchain.com, for Etherum, use Etherscan.io and for tokens on the BSC network, use BscScan.com.
On any of these explorers, input your wallet address and look for the wallet the hacker transferred your crypto to. Once you get the wallet address, attempt to trace the final destination wallet where the crypto was transferred to.
If the crypto was transferred to any of the wallets issues by centralized exchanges like Binance, Coinbase, Kucoin, Gemini, and more, try contacting the customer support of the exchange and let them know that your stolen crypto is in the account.
Since these exchanges have a mandatory KYC (Know Your Customer) policy which requires every user of the exchange to submit personal information and identity documents, you can get the information of the hacker and take it up from there.
In some cases, the exchange might not release the information of the user but may be able to get your money back or at least get the funds locked by the exchange.
Sadly, if the funds were transferred to a non-custodial wallet and not a wallet with centralized exchanges, there is almost nothing you can do since these wallets don’t have the identity of the owner of the wallet or even have control over the wallet.
4) Contact Your Bank
If your debit/credit card was charged due to transactions made by the hacker, then contact your bank ASAP to see if the transaction can be reversed.
Unlike cryptocurrency transactions, fiat transactions are very much reversible and you might be able to get your money back if you act fast!
5) Report To The Police Or Other Law Enforcement Agencies In Your Country
Like with most other cybercrimes, your last resort should be to report the case to the law enforcement agencies in your country like the police cybercrime department (if they have one).
If you’re in the US, you can consider filing a complaint to the FBI and your local police department. For other countries, report the hack to the correct law enforcement agency in your country.
Sadly, there is very little any law enforcement agency can do to recover stolen crypto assets but not nothing!
Also, in our experience with hack reports across users of multiple wallets and crypto agencies, you will only get more attention from any of these law enforcement agencies if you lost a lot of money to hackers because they have a lot of reports to deal with but still, report the case first and see what happens after that.
How To Secure Your Wallet On Trust Wallet & Reduce The Chances Of Getting Hacked Again
Trust Wallet is as secure as it can get when it comes to crypto wallets but you also need to play your part to ensure your wallet doesn’t get hacked or compromised by malicious third parties.
Below are some things to do to secure your wallet on Trust Wallet and avoid getting hacked again.
This is a golden rule in the world of cryptocurrencies – Never share your recovery phrase with anyone ever no matter who they are.
Anyone who has the recovery phrase of your crypto wallet has full access to crypto assets stored on the wallet and can transfer these assets to another external wallet that they control.
Since crypto transactions are irreversible and anonymous (at least to some extent), if your assets are transferred to another wallet that you don’t control, those assets are gone forever!
Also, if anyone who claims to be a “Trust Wallet Support” agent contacts you on social media platforms like Telegram, Reddit, Twitter, and more, block them immediately and never share your recovery phrase even when asked.
Legitimate Trust Wallet support will never ask you for your recovery phrase since they have no business with accessing your wallet.
2) Backup Your Recovery Phrase Securely (Preferably Offline)
As you should know by now, once someone has to access your 12-word recovery phrase, they can access your wallet and transfer your assets.
Also, if you lose your recovery phrase, you have essentially lost access to your wallet and all the crypto assets stored on it so we highly recommend that your safely backup your recovery phrase preferably offline where no one can access it.
3) Do Not Approve Connection To Sketchy Websites/DApps On Your Wallet
This is one of the most popular tricks hackers use to get access to your wallet. They create DApps or clones of some of the most popular DApps but with a malicious smart contract.
Once you connect your wallet to any of these websites, the hacker will have access to all the funds stored on your wallet and if you are unaware of this, you might end up losing all your crypto assets stored on the wallet.
Always make sure you cross-check the URL of the DApp you’re connecting your wallet to. If you have already connected your wallet to a malicious DApp, you can use a website called Unrekt to revoke all permissions/allowances granted to DApps on your wallet.
4) Only Download Trust Wallet From The Official App Stores
In some cases, hackers might decompile the Trust Wallet app and recompile it with malicious code designed to steal a user’s recovery phrase when they attempt to access their wallet with the modified app.
If you want to install the Trust Wallet app from the official app stores (Google Play for Android and the App Store for iOS devices) since that guarantees that you’re only using the code written by the official Trust Wallet app developers.
5) Store Large Amounts Of Crypto On Cold Wallets
If you’re investing large amounts of money in cryptocurrencies, we recommend that you invest in getting a cold wallet and store all your crypto there securely.
Wallets like Trust Wallet are termed “hot wallets” meaning that they are always connected to the internet. While Trust Wallet is a pretty secure wallet, the fact that it is always connected to the internet makes it vulnerable to hackers.
With a cold wallet, your wallet is never connected to the internet unless you connect it to the internet via special software and wallets. This makes it a more secure option when compared to hot wallets and crypto exchanges.
You can read up on the differences and advantages of using a cold wallet over a hot wallet when storing crypto assets for the long term here. Some of the most popular cold wallet providers are Ledger and Trezor.
Hacks are such a nightmare for crypto investors especially for users of non-custodial wallets like Trust Wallet. If you suspect that your wallet might have been hacked, then you need to act quickly!
If the funds on your wallet have not been transferred to an external wallet by the hacker, then we recommend that you create a new wallet and transfer all your crypto assets there.
Unfortunately, due to the irreversible nature of cryptocurrency transactions, if your assets have already been transferred by the hacker/scammer to another wallet, there is very little you can do.
If you notice the assets have already been transferred, try to trace the transaction using any of the blockchain explorers and contact the exchange the assets were transferred to if it was transferred to a centralized exchange.
Alternatively, you can report the incident to any of the law enforcement agencies in your country.
We hope this article was of help to you if you’re searching for some quick actions you can take to recover your crypto assets from a hacked wallet on Trust Wallet.