On the Solana blockchain, scammers may attempt to trick users into approving malicious transactions that delegate ownership of their ATAs (sub-addresses used to store specific tokens) to them. This allows them to drain your funds even after the malicious dApp is disconnected from the app.
Phantom is not responsible for any third-party tools, dApps, or their results. Always exercise caution and do your due diligence.
Revoking Token Approvals / Adjusting Allowances
If you suspect that your associated token accounts have been compromised, you can try to revoke any permissions that attackers might have:
- Connect to your wallet to one of the popular revoke tools in the WEB3 space here: Famous Foxes Revoke Tool
- Click on “Revoke all”.
Recommended Actions
For enhanced security, we strongly recommend creating a new wallet with a new recovery phrase and transferring all remaining assets to the new wallet. After doing so, stop using the compromised wallet. Always download the Phantom wallet from the official website: phantom.app.
Safety Tips
- Avoid following instructions from airdropped and unsolicited NFTs: These are often attempts by scammers to trick you into revealing your Secret Recovery Phrase or connecting and approving malicious transactions.
- Always be vigilant: Double-check the legitimacy of any dApp or tool before approving transactions.