Real Crypto Wallet vs Wallet-Drainer dApp
How to tell a legitimate decentralised application from a wallet-draining smart contract designed to steal your entire crypto balance in one transaction.
Last reviewed: 1 June 2026
Decentralised applications let you interact with blockchain protocols directly from your wallet. Criminals clone the interfaces of popular dApps and swap the smart-contract address so that the 'approve' button you click gives them permission to move all your tokens instead.
Side-by-side comparison
| | Legitimate dApp / wallet | Wallet-drainer dApp |
|---|---|---|
| URL & domain | Matches the official domain; listed on the project's verified social channels | Slight misspelling or different TLD; often promoted through paid ads or Discord DMs |
| Smart contract address | Matches the audited contract published in official documentation | Different address; no audit trail; 'approve' calls request unlimited token allowances |
| Token approval scope | Requests only the tokens needed for the specific transaction | Requests 'unlimited' or max-integer approval across all tokens in your wallet |
| Transaction preview | Your wallet shows a clear description of what is being moved and to whom | Transaction data is obfuscated; estimated outcome shows zero received |
| Social proof | Thousands of verifiable on-chain transactions; active GitHub repo | Fresh contract; few real transactions; praise comes only from bots or new accounts |
| Source of link | Found via the project's pinned official website or coingecko.com listing | Sent unsolicited via DM, airdrop NFT, or a Google ad targeting the project name |
Common red flags
- URL delivered through a Discord DM or a paid search ad rather than an official project page
- Wallet-approval pop-up requests unlimited token allowances
- Transaction preview shows you receiving nothing in return
- Smart contract address does not match the one listed in official project docs
- Site appeared very recently and has no verifiable history
Verification steps
- Navigate to the dApp only through the URL listed on the project's official Twitter/X pinned post or CoinGecko page — never from ads or DMs
- Before confirming any approval, check the contract address on Etherscan or the relevant block explorer against the project's published documentation
- Use a wallet that shows human-readable transaction previews, and reject any approval for more tokens than the transaction requires
- Revoke unnecessary token allowances regularly using a tool such as revoke.cash
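
The contract-address and approval-scope checks above can be run on the raw calldata a wallet is asked to sign. The following is an added example, not part of the original guide: it decodes an ERC-20 `approve` or NFT `setApprovalForAll` request and reports a spender mismatch or an oversized allowance. The addresses are constructed placeholders, and the `2**255` cut-off for "unlimited" is an assumption of this example.

```python
# Added example: review the calldata of a token-approval request before signing.
APPROVE = "095ea7b3"               # approve(address,uint256), ERC-20
SET_APPROVAL_FOR_ALL = "a22cb465"  # setApprovalForAll(address,bool), ERC-721/1155
UNLIMITED_FLOOR = 2**255           # assumption: anything this large counts as "unlimited"


def review_approval(calldata_hex, expected_spender, needed_amount):
    """Return a list of warnings for an approval request; an empty list means no flag."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    if len(data) != 8 + 64 * 2:  # 4-byte selector plus two 32-byte arguments
        return ["not a two-argument approval call; decode it another way before signing"]
    selector, arg1, arg2 = data[:8], data[8:72], data[72:136]
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL):
        return ["unknown function selector 0x" + selector]
    if int(arg1[:24], 16) != 0:  # an address occupies only the low 20 bytes
        return ["malformed address argument"]
    spender = "0x" + arg1[24:]
    warnings = []
    if spender != expected_spender.lower():
        warnings.append(f"spender {spender} does not match the documented contract")
    value = int(arg2, 16)
    if selector == SET_APPROVAL_FOR_ALL:
        if value == 1:
            warnings.append("grants control of every NFT you hold in this collection")
    elif value >= UNLIMITED_FLOOR:
        warnings.append("unlimited token allowance requested")
    elif value > needed_amount:
        warnings.append(f"allowance {value} exceeds the {needed_amount} this transaction needs")
    return warnings


# Constructed sample data (placeholders, not real contracts).
DOCUMENTED = "0x" + "11" * 20  # stands in for the address in the project's docs
OTHER = "0x" + "22" * 20       # stands in for any address that is not the documented one


def build(selector, spender, value):
    """ABI-encode a sample two-argument call so the checker has input to run on."""
    return "0x" + selector + spender[2:].rjust(64, "0") + format(value, "064x")


if __name__ == "__main__":
    for label, cd in [
        ("exact amount, documented spender", build(APPROVE, DOCUMENTED, 500)),
        ("max-integer approval, other spender", build(APPROVE, OTHER, 2**256 - 1)),
        ("setApprovalForAll(true)", build(SET_APPROVAL_FOR_ALL, DOCUMENTED, 1)),
    ]:
        print(label, "->", review_approval(cd, DOCUMENTED, 500) or "no warnings")
```

An empty result only means none of these three checks fired; the spender address still has to be compared against the project's published documentation by hand.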
What not to do
- Do not click wallet-connect links sent via DM, airdrop, or unsolicited email
- Do not approve unlimited token allowances without fully understanding the contract
- Do not assume a site is safe because it looks identical to one you have used before
A safe response
If you have already signed a drainer approval, go to revoke.cash immediately and revoke the allowance before the attacker drains your wallet. Move remaining assets to a new wallet address.
Frequently asked questions
Can a hardware wallet protect me from a drainer?
A hardware wallet stops remote key theft but not drainer approvals — you still sign the malicious transaction on the device. The protection is reading the transaction carefully before signing.
Is it possible to reverse a wallet-drainer transaction?
Blockchain transactions are irreversible. If you act quickly enough to revoke the token approval before the drainer script executes, you may save unaffected tokens, but already-transferred funds cannot be recovered on-chain.