Wallet Connect Hijacking

Wallet Connect hijacking is a specific type of attack targeting the protocol used to link mobile or hardware wallets to decentralized applications. Attackers create fake QR codes or intercept the handshake process to establish a malicious session between the user wallet and a fraudulent application.

Once connected, the attacker gains the ability to send transaction requests that the user might inadvertently approve under the guise of interacting with a legitimate service. This exploit relies on social engineering and the technical complexity of the bridging protocol.

It is frequently used in the context of yield farming and derivatives trading to drain liquidity from user accounts. Users should always verify the connection source and review the permissions requested by the application before confirming any link.

Because Wallet Connect is a standard for interoperability, vulnerabilities in its implementation can have widespread consequences for the ecosystem. Awareness of the session status and active management of connected sites are essential defensive measures.