Glossary
Wallet drain
Unauthorized outbound movement of tokens, NFTs, or native assets from a compromised wallet — often in minutes via approval abuse or key theft.
Common patterns
- Bulk NFT or token outflows in a short window
- Approval to a malicious contract, then automated sweeps (EVM)
- SPL token-account delegate abuse, then sweeps (Solana)
- Native gas sent first, then assets follow
First steps (before tracing)
- Revoke ERC-20/NFT approvals at revoke.cash on EVM chains
- On Solana, review SPL delegates in Phantom or Solscan — not Revoke.cash
- Move remaining assets to a new wallet on a clean device
- Copy every suspicious transaction hash or signature — do not rely on screenshots alone
Related terms