You installed SafeW or SafeX — what now?
Don't panic, but don't put it off either. Work through the steps below in order, and get the first two done as fast as you can. If you granted photo access and ever stored a wallet recovery phrase or a password screenshot on your phone, make Step 3 your top priority.
-
Revoke permissions, then uninstallStep 1 · Now
iPhone: go to Settings → Privacy & Security → Photos / Contacts and turn off access for SafeW (or SafeX); then press and hold the icon to delete it.
Android: go to Settings → Apps → SafeW / SafeX → Permissions and turn off photos, files, contacts, and location; then uninstall.
Revoking permissions before you uninstall reduces the chance of one last read in the moments before removal. -
Check your photo library for sensitive screenshotsStep 2 · Now
Search your photo library for anything you may have saved: wallet recovery phrases / seed phrases, private keys, exchange or wallet passwords, two-factor (2FA) backup codes, ID cards / passports, bank cards. Put them on a "possibly exposed" list — that list determines what you need to do in Step 3.
-
Treat your assets and accounts as compromisedStep 3 · Critical
If you stored a recovery phrase / private key: create a new wallet on a clean device right away and move your assets in as soon as you can; treat the old wallet as compromised and never use it again.
If you stored passwords: change the password on each affected account one by one, and turn on or switch to a stronger form of two-factor authentication.
If you stored ID / banking details: watch for unusual logins and charges, and contact your card issuer if needed. -
Scan your device and check for leftoversStep 4
Android: run a full scan with a reputable security scanner, and watch for any apps you don't recognize.
iPhone: check Settings → General → VPN & Device Management and remove any configuration profiles you don't recognize. -
Break the one habit that's most dangerousStep 5 · Long-term
Stop keeping recovery phrases, private keys, passwords, and backup codes as screenshots or photos in your photo library. Write your recovery phrase down by hand, offline, and store it physically; keep important accounts in a password manager, not your photo library.
Other things you may want to confirm
I never stored a recovery phrase — can I just ignore this?
Uninstalling and revoking permissions are still worth doing. Even without crypto assets, password screenshots, verification codes, and ID photos are exactly the kind of data this malware is after. Knock out Steps 1, 2, and 5 and your risk drops sharply.
Can I just uninstall the app and skip moving my assets?
If a recovery phrase / private key was ever saved as a screenshot in your photo library and you had the relevant apps installed, uninstalling alone can't undo information that has already leaked. Once a recovery phrase may have been exposed, the only reliable move is to transfer your assets to a brand-new wallet.
How do I know whether my wallet is already being targeted?
It's very hard to confirm in real time, so the rule is simple: don't gamble. Rather than waiting until your funds start moving, complete the migration the moment you have doubts — the cost of migrating is far lower than the loss of having your assets drained.
Would reinstalling SafeW on a new phone be safe?
We don't recommend continuing to use SafeW, and we don't recommend SafeX (its renamed version) either. The problem isn't any one device — it's the app itself, which has a documented history of malware ties and was caught with the same issue again even after rebranding. Switching devices doesn't answer the real question of whether the app can be trusted.
Pass this guide along to anyone who might need it
If someone you know uses SafeW or SafeX — especially anyone holding crypto assets — the sooner they see this, the less they stand to lose.