My Coinbase wallet is compromised

I am not sure how it's been done, but it was after I unknowingly visited one of those phishing websites on Twitter and thinking it was an official website. Now I have lost a ton of eEth. Is there anything I can do to fix the wallet short of closing it down and starting over again? The hackers seem to be able to transfer my eEth out without my permission and without using the Eth in my account.. here's the hash of an example transaction;


Any suggestions would be greatly appreciated.


Seems there was token allowances tied to eEth and a few other tokens in my wallet given approvals to transfer those tokens immediately I sent them in. Didn't know about this until a kind user here pointed that out. I have revoked ALL token allowances. Hopefully, this resolves the issue. All those reaching out privately to ask me to rectify my wallet or recover my tokens. Thanks for your offer, but I believe I stopped the bleeding for now.

[Update 2]
After watching this video about flashbots
Starting after the 3 minute mark, I can confirm that my PK is not compromised. I was the victim of an approval scam and everything checks out just as described in the video. What is telling us how the white hat community is categorical that there's no way to recover crypto that has already been stolen, and yet many people, after the initial loss fall for secondary scams claiming to assist them with recovering their crypto.

23 thoughts on “My Coinbase wallet is compromised”

  1. Sorry to hear. How much did they get? In the future , just use RobinHood and you don’t have to worry about this bullshit and also no fees

  2. RevokeDOTCash for your account shows the unlimited approval with what they detect as a scam contract.

  3. Looks like the scammers made about 1.5mm off of the scam. About a third of the funds seemed to have ended up in this wallet: 0xa3ebb837428ef51a11f7158bef2cd3bdbb3d4b03 where they have been for about a week now.

  4. “Just signed a transaction”
    There’s the problem right there. Your wallet’s not compromised, you just opened it and handed a bunch of money to stranger. Your wallet is fine.

  5. “The hackers seem to be able to transfer my eEth out without my permission”

    Unfortunately not true, you literally gave them permission when you signed the contract.

  6. So for the future, always use a kill wallet or DMZ approach. I use Metamask myself. Use that frontline wallet to handle connections to unknown sites or new contracts. Then, when you know something is good, transfer the funds to your real wallet. This gives you at least a two layer approach so you’re never making a contract with an unknown site with your good wallet that has big balances. Yes, it might result in more fees, but hey, isn’t that cheaper than your entire wallet being drained?

  7. I didn’t just understand how they could keep draining without any additional approvals. Now I know. Since I now understand how the wallet was compromised, I hope I don’t fall for something like that again.. it costed about $10 in Eth to revoke those allowances. Now lemme see how they will get at me again. Unfortunately, I can’t afford to drop this wallet and start afresh. Now I know the solution, I will be more vigilant going forward.

  8. “I don’t know how it happened?”… “ So anyway after I signed the phishing transaction…” come TF on y’all.

  9. Looks like OP just gave away their money. The Wallet wasn’t compromised OP just fell for a simple phishing scam.

  10. I still don’t get in this day and age after all the times people say never share info especially on a website like twitter and yet it still happens

  11. Every time you sign something, there are consequences. You either send some funds somewhere, or allow someone to take them.

    “I just signed something” – if I handed you a piece of paper which says “I hereby give all my material and immaterial belongings to SubstantialBear”, would you say “I just signed a piece of paper” after I take everything you have? Same with crypto. Signing something 99% of the time means funds are about to be moved, either by you or someone else!

    (Sometimes you are asked to sign a harmless string to verify you control a wallet. This is basically the only time it is considered harmless.)

  12. 3 important things. people already told u about the other 2 helpful things would be a site called virus total. u can right click a link and then copy the address and then paste it into their scanner, and it will tell u if the site has malware. If you want another layer of security you can go to the chrome webstore and download wallet guard by wallet guard tells you when the site is a scam/phising site and protects your wallet by detecting draining contracts before connecting and stopping the connection.

  13. Man, people need to TEST unknown sites with a second wallet that has like $5 in. Then after testing it all out amd your account is still good add little bit of funds and test some more until you are confident with a large sum. Never use your main wallet to interact with smart contracts.

  14. I can’t believe you’re trying to salvage this wallet. Holy shit.

    Get. A. New. Fucking. Wallet.

  15. Hello ndehchef. It looks like you might have found a new scam? If so, please report this scam by crossposting to r/CryptoScams, r/CryptoScamReport, or visiting For tips on how to avoid scams, click here.

    I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

Comments are closed.