Ethereum News: How Hackers Are Exploiting EIP-7702 To Drain Wallets

The post Ethereum News: How Hackers Are Exploiting EIP-7702 To Drain Wallets appeared on BitcoinEthereumNews.com.

On May 24, Ethereum news saw a wallet freshly enabled with EIP-7702 lost about $150,000 when scammers tricked the user into approving a malicious batch of token transfers. Phishing attacks in crypto have surged. In April 2025 alone, scams drained roughly $5.3 million from 7,565 wallets. Now attackers are leveraging Ethereum’s latest Pectra upgrade – specifically EIP-7702 – to empty user accounts. Security analysts warn that this novel exploit shows how quickly hackers are adapting to Ethereum’s new smart-wallet features. Ethereum EIP-7702 and the Pectra Upgrade EIP-7702 is a key feature of Ethereum’s May 2025 “Pectra” upgrade. It essentially lets ordinary wallets (Externally Owned Accounts, or EOAs) temporarily act like smart-contract accounts during a transaction. Technically, a user can attach small snippets of contract code to their address for one transaction. This brings advanced “account abstraction” benefits to normal wallets: for example, a user can now batch multiple transfers in one transaction, let someone else sponsor their gas fees, or use alternative signature schemes. Wallet providers like Ambire and Trust Wallet have already rolled out EIP-7702 support on Ethereum. Ambire’s CEO hailed it as “the single greatest UX upgrade” to Ethereum, since it unlocks smart-account features without forcing users to create new contract wallets. However, security experts warned that EIP-7702 also opens new attack surfaces. By letting a wallet run custom code, scammers could, in theory, pack an entire wallet-draining routine into a single approval step. As one developer put it, EIP-7702 “provided a new avenue for phishing campaigns to empty entire wallets at once”. In short, features meant to improve flexibility can backfire if users aren’t extremely careful. Ethereum News: Inferno Drainer’s $150K Scam via EIP-7702 The danger became real on May 24, 2025. Scam Sniffer – a Web3 anti-scam platform – reported that a user’s MetaMask wallet, recently…

Leave a Reply

Your email address will not be published. Required fields are marked *

Filed under: News - @ May 25, 2025 10:21 pm