Have you seen unusual transactions in your Trust wallet, Or have your asset instantly moved to another address after sending them in your wallet? It’s an indication of Bot sweeping.
In 2022, one of the most common problems new crypto joiners face is hacking. Along with good people in the crypto space, there are a few BAD apples. They look for bad ways to earn money from crypto space. Specifically, they scam innocent people unaware of crypto tips and tricks.
Learn more about how to protect your cryptos and your wallet:
There are many ways to scam people, and the easy way out is to attack the secret phrase of someone’s non-custodial wallet. Later, adding a bot into it to Scam further.
Before we enter the following part of our article, We should know what we will learn and what this post will cover.
- What’s a sweeper bot, and how does it work?
- How to know if your wallet is a sweeper bot included?
- How to beat a sweeper bot?
What’s a sweeper bot?
A sweeper bot is a piece of coding script that can be used on a blockchain address to perform automatic outgoing transactions. It works following the instructions that the hacker has instructed
.
Does it work on any public address?
No, A hacker can set a sweeper bot only if the hacker has access to the wallet seed phrase or private key. A Hacker can set a sweeper bot in all the addresses your private key or seed phrase contains.
It can be on any different EVM ( Ethereum virtual machine ) based blockchains, irrespective of Layer 1 or Layer 2 chain.
How Does It Work?
You might be wondering, How does the bot move assets so fast and calculate fees to execute a transaction?
A public blockchain stores all the data of a network. Like Your balance, Incoming or outgoing transactions, swaps, transaction fees, amount of the transaction, and nodes that validate transactions.
If you create a transaction, it remains pending for some time due to transaction traffic in the transaction pool of a network. Nodes must validate it.
When we execute a transaction, all information can be seen by the nodes. That’s how a sweeper bot could find all the information from the TX pool even before your recipient address receives it. After that, It measures the transaction amount and takes an avg. Transaction fees calculation from explorers. Sweeper bot can move assets in seconds before any human can even try.
How to know if your wallet has a sweeper bot added by Hacker?
Unauthorised transactions ( outgoing transactions) in your wallet are a red flag that your wallet might have been scammed. And, There’s a 95% chance that your wallet has a sweeper bot added if it was hacked.
Instant withdrawal after a crypto deposit indicates a sweeper bot job.
Look into explorers. If you think your wallet has been hacked or the address might be a sweeper bot added,
Find out the recipient address and behaviours of that address. Addresses will look fishy with lots of automated, frequent transactions. You may also look for comments in that address; victims often write under such addresses.
The simplest way to find out is by sending some pennies over your wallet. Make sure it’s a popular coin with value. If the sending amount looks profitable to the bot, it will instantly be taken away by the bot.
How are sweeper bots able to trap you in Scams?
Scammers are savvy and becoming more innovative day by day. One of the new tricks they widely use is sharing seed phrases of wallets with many tokens.
But, these wallets won’t have any native crypto balance. They want to tempt people into their trap. Once somebody deposits a native asset, it will be taken away through the sweeper bot, and whoever deposits funds will lose it.
Beware, we strongly recommend that,
Never use a wallet found on the internet.
Never Buy a wallet from somebody.
How to beat a sweeper bot?
Beating a sweeper is tough, although not impossible. Assuming you have funds ( staked, farm, liquidity, NFTs) in your address and the hacker somehow didn’t notice it or waiting for the unlocking process to complete, you have to try to save your remaining funds. You can try the following suggestions to keep/move your asset safely.
Set a sweeper bot - Yes, that’s the best thing you could do to keep your tokens safe. For example, You have had a Liquidity position or tokens in farming. Hacker is trying to unlock your coins. Set a bot to keep any native coin out of your wallet so the hacker becomes unable to move your tokens.
Moreso, even if he deposits a native coin, your sweeper bot will take it, thus no opportunity to transfer tokens. Your tokens will stay there securely for some time.
Keep assets in the address - Imagine a situation where your wallet was hacked, a sweeper was added, but the hacker didn’t notice your staked, farming, or liquidity positions, leave the funds there for some time. Don’t make any transaction on the address, especially unlocking assets.
After some time, the hacker will remove the sweeper bot from your account. When the hacker does so, You can pull out your asset. Generally, hackers could make you wait 2-3 months. Patience will be essential here.
Hire a professional to recover your assets - Hiring a professional white-hat hacker can be the best way to recover your assets. Try to find somebody who is well aware of playing with scripts.
Flashbots, Flashbots offers left over asset recovery from a hacked wallet. You can fill out their form for their help.
There are a few tricks a white hacker would use to pull out your assets, but this does not guarantee 100% of your asset recovery.
In conclusion, fighting against sweepers bot is a hard job to do. It is best and wise not to face such situations. For that, we should be more careful at keeping seed phrase safe.