How to revoke malicious smart contract access?


I was scammed a few days ago using a staking/farming protocol that has since gone offline (polylambo). Usually I move on from such scams and consider it a lesson learned, but now I have a bigger problem: the smart contract I interacted with perpetually siphons tokens for the token addresses that have been staked before: WMATIC, WETH, WBTC, some LPs, QUICK, and POLYDOGE. Essentially what happens is that whenever my wallet address (0x6533…) has a balance of any of the above tokens, a few minutes later that token balance its transferred out into an external wallet address by the malicious smart contract. Let me explain with an example:

I noticed that the token transfer is executed by the following smart contract, which was created by the scam address: 0xD1348C232dAd3D778b38E8927FDA657D71CE906C

Now I know that the easy way out is to just transfer out all my tokens into a separate wallet address and never use the 0x6533… address ever again, but I am in a costly predicament because I have funds staked that earn me QUICK and WMATIC. As it stands, I cannot collect those rewards and I cannot unstake those funds because the malicious smart contract will steal them the moment that they reach my wallet. I also cannot simply change addresses unless I want to lose those funds forever.

The question is, is there any way for me to interact with the malicious smart contract, and revoke read/write access to my wallet? How would I go about such a thing? If not, any suggestions how to get out of this problem? Thanks in advance everyone.

You have allowed someone else to gain control of your wallet. There is nothing you can do to change this; you need to consider this a loss and stop using it immediately.

If you have further discussion about MATIC you should visit the Polygon support; this is forum is for POA Core Network, xDaiChain and the Supported Sokol TestNet.

1 Like