Most cryptocurrency users, especially DeFi users, have read stories of wallet hacks. Some have experienced one themselves. Among the several ways a wallet can be hacked, I want to bring two common ones to the notice of Hivans.
Failing to Disconnect from Dapps and Other Smart Contracts after Usage
Most DeFi users make this mistake. I call it a mistake because by approving the first smart contract call, you give the smart contract permission to spend the tokens in your wallet. Whether a smart contract has limited or unlimited permission, by not disconnecting from it after usage you expose your wallet to hacking.
The hack can come in two ways:
i. When the smart contract was created to have unlimited permission, the funds in the connected wallet can be spent without the approval of the wallet owner.
ii. When the smart contract has limited permission, it of course shouldn't be able to spend tokens without the wallet owner's permission. But if the smart contract is compromised along the line, the limited permission can expand and the hacker can access the funds in the connected wallet.
What to do to avoid this?
Since most of us are not developers and do not possess the skill to read smart contracts, we need to do the following before connecting to any smart contract for trading or staking:
i. Check if the smart contract is audited.
Note that an audit doesn't make a smart contract fully safe; it can still be compromised with time. But checking is a good first way to protect ourselves.
ii. Disconnect from the smart contract after using it. Connecting back and forth might be stressful, but if we want to be SAFU, then we must do it.
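Which spending permissions are still open on a wallet can be read from its approval history. The following is an added example, not part of the original post: it assumes the tokens follow the ERC-20 standard, where each permission is logged as an Approval(owner, spender, value) event, and every address and log entry in it is constructed.

```python
# Added example; assumes ERC-20 tokens. All addresses and logs are constructed.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1  # amount used for an "unlimited" approval

def topic_to_address(topic):
    return "0x" + topic[-40:].lower()  # indexed address: last 20 of 32 bytes

def outstanding_approvals(logs, owner):
    """Replay Approval(owner, spender, value) logs in chain order and return
    {(token, spender): last approved amount}, dropping approvals reset to 0.
    Spending can lower a limited approval without a new log, so the token's
    allowance(owner, spender) call remains the authoritative figure."""
    state = {}
    for log in sorted(logs, key=lambda e: (e["blockNumber"], e["logIndex"])):
        topics = log["topics"]
        # ERC-20 Approval carries 3 topics; the 4-topic NFT variant is skipped.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[1]) != owner.lower():
            continue
        spender = topic_to_address(topics[2])
        state[(log["address"].lower(), spender)] = int(log["data"], 16)
    return {key: amount for key, amount in state.items() if amount}  # 0 = revoked

def report(logs, owner):
    """Sorted (token, spender, 'unlimited' | 'limited') rows to review."""
    rows = outstanding_approvals(logs, owner).items()
    return sorted((token, spender, "unlimited" if amount == UNLIMITED else "limited")
                  for (token, spender), amount in rows)

# Constructed sample data: two wallets, two tokens, two dapp contracts.
OWNER, OTHER = "0x" + "a1" * 20, "0x" + "b2" * 20
TOKEN_A, TOKEN_B = "0x" + "c0" * 20, "0x" + "c1" * 20
DEX, FARM = "0x" + "d1" * 20, "0x" + "d2" * 20

def make_log(block, index, token, owner, spender, amount):
    padded = ["0x" + "0" * 24 + addr[2:] for addr in (owner, spender)]
    return {"blockNumber": block, "logIndex": index, "address": token,
            "topics": [APPROVAL_TOPIC] + padded,
            "data": "0x" + format(amount, "064x")}

SAMPLE_LOGS = [
    make_log(120, 0, TOKEN_A, OWNER, DEX, 0),            # DEX approval revoked
    make_log(100, 0, TOKEN_A, OWNER, DEX, UNLIMITED),
    make_log(105, 2, TOKEN_B, OWNER, FARM, 500 * 10**18),
    make_log(110, 1, TOKEN_A, OWNER, FARM, UNLIMITED),   # never revoked
    make_log(111, 0, TOKEN_A, OTHER, DEX, UNLIMITED),    # a different wallet
]

if __name__ == "__main__":
    print(*report(SAMPLE_LOGS, OWNER), sep="\n")
```

A spender stays in the report until the wallet approves it again with an amount of 0.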
Storing Our Seed Phrase on Our Mobile
Some people make this mistake a lot. Paper storage is still the best for hot wallets. If your device is compromised by the websites you visit or by an app you grant permission to access files on the device, your wallet will be hacked.
We need to stay safe. No one will protect us but us. So, be careful with the links you click. Have a special wallet for fund storage and another for trading, so that you don't lose everything if you are compromised.