If you notice unexpected withdrawals, login alerts you didn't trigger, or changes to your account settings, your device or account credentials may have been compromised. This guide walks you through how to respond, how to check your device for signs of intrusion, and how to prevent it from happening again.
Step 1: Act Immediately on Your Pionex Account
Do these first, before investigating your device:
Change your Pionex password — use a strong password you have never used on any other site
Reset your Google Authenticator (2FA) — go to Avatar → Security → Google Authenticator
Review and remove unrecognized logged-in devices — Avatar → Security → Logged Sessions → sign out of anything unfamiliar
Contact Pionex live chat to temporarily freeze withdrawal functionality while you investigate
If you cannot log in because your password or 2FA has already been changed by someone else, contact us immediately at service@pionex.com with your registered email or phone number.
Step 2: Check Whether Your Device Has Been Compromised
Attackers typically gain access through malware installed on your phone or computer. Here is how to check.
Signs your device may be infected:
Apps opening or closing on their own
Battery draining unusually fast
Data usage spiking without explanation
Unfamiliar apps installed that you did not download
Your screen activating without you touching it
On your phone:
Go to your app list and look for any applications you do not recognize — uninstall them immediately
Check which apps have accessibility permissions: on Android, go to Settings → Accessibility → Installed Apps; any app with these permissions that you did not grant intentionally is a red flag
Check which apps have permission to read your SMS messages: Settings → Apps → [App Name] → Permissions
If you downloaded any APK files from outside the official app store recently, uninstall those apps
Run a reputable mobile security scan (e.g., Malwarebytes for Android, or use the built-in security scanner on Samsung/Xiaomi devices)
If in doubt, back up your data and perform a factory reset — this is the most reliable way to remove malware
On your computer:
Run a full scan using reputable antivirus software (e.g., Malwarebytes, Windows Defender, or Bitdefender)
Check your browser extensions — remove any you do not recognize or did not install yourself
Check recently installed programs for anything unfamiliar
Review your browser's saved passwords — if any are stored there, treat all of them as potentially compromised
If you use a Windows PC, check Task Manager for unfamiliar background processes
Step 3: Understand How This Likely Happened
Knowing the entry point helps you prevent it from recurring.
Malicious APK or app outside official stores Downloading Pionex or other apps from unofficial sources is one of the most common causes. Only ever download Pionex from https://download.pionex.com or your device's official app store.
Phishing link You may have clicked a link in a message that looked like it came from Pionex, a bank, or another trusted source. These links install malware silently or steal your credentials on a fake login page.
Screen-sharing or remote access software If anyone ever asked you to install an app so they could "help you" with your account — such as TeamViewer, AnyDesk, or similar tools — and you did so, your device should be treated as compromised. Pionex support will never ask you to install remote access software.
Credential reuse If you used the same password for Pionex as for another website that was breached, attackers may have tested it automatically. Always use a unique password for your Pionex account.
Step 4: Secure Your Account for the Future
Once your device is clean and your account is secured:
Never share your verification codes with anyone, including anyone claiming to be Pionex staff
Use a password manager to generate and store unique passwords for every site
Only access Pionex through the official app or www.pionex.com — bookmark the real URL and use that bookmark every time
Do not click links in unexpected messages that ask you to log in, verify your account, or take urgent action — go directly to the website instead
What Pionex Can and Cannot Do
We can:
Temporarily freeze withdrawal functionality on your account upon request
Provide your transaction history to support a police report
Cooperate with official law enforcement investigations
Flag suspicious wallet addresses with our risk and compliance team
We cannot:
Reverse completed blockchain transactions — once a withdrawal is confirmed on-chain, it cannot be recalled by anyone
Access or control your device
Recover funds that have already left the platform
If you believe criminal activity is involved, file a police report and preserve all evidence — transaction hash, wallet addresses, screenshots of any suspicious communications. Pionex will cooperate with law enforcement requests submitted through official channels.
Contact Us
If your account needs to be frozen urgently, use live chat at www.pionex.com or contact service@pionex.com.