\n
![](\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjMtMDEvMWM0MDA0NTUtYTI0YS00NWQxLWIzMDAtYWEyYjkzMmI4MDNlLmpwZw==.jpg\")
<\/p>\n
\n<\/p>\n
On the back of the worst year for crypto hacks<\/a> and exploits, the crypto community has given some advice to newbie investors going into 2023 \u2014 check your smart contract approvals and revoke access regularly. <\/p>\n Reddit user 4cademy posted<\/a>\u00a0their advice\u00a0to the r\/CryptoCurrency subreddit on Jan. 1, noting that they had approved a slew of smart contracts over a two-year period and \u201cthought it was time to check my approved smart contracts.\u201d<\/p>\n They found \u201cnearly all\u201d of their approvals were for \u201cunlimited amounts,” which spurred them\u00a0to revoke approvals for all smart contracts in their wallet as it was \u201cbetter safe than sorry,\u201d and advised:<\/p>\n \u201cYou should at least check your approvals too and possibly revoke them.\u201d<\/p><\/blockquote>\n The reason to do this, the user said, is that some users of Decentralized Finance (DeFi) or nonfungible token (NFT) protocols could have mistakenly approved malicious smart contracts from phishing attempts<\/a> that could be lying in wait to steal user funds.<\/p>\n Such ice phishing scams<\/a> have been successful in the past, with one such elaborate month-long scam involving an offering from a fake film studio leading to\u00a014 Bored Ape Yacht Club<\/a> (BAYC) NFTs stolen from a single wallet.<\/p>\n Even known \u201cgood-behaving\u201d contracts should be revoked as hackers could find exploits to pilfer funds from connected wallets.<\/p>\n The 10 largest exploits in 2022<\/a> saw around $2.1 billion stolen mostly from DeFi protocols and cross-chain bridges where attackers found vulnerabilities in existing smart contracts to carry out their heists.<\/p>\n