26-5-2025 – In a sophisticated exploitation of Ethereum’s latest protocol enhancement, cyber criminals have unveiled a novel attack vector, leveraging the recently implemented EIP-7702 feature to orchestrate unauthorised bulk token transfers.
The breach, uncovered by blockchain security firm Scam Sniffer, saw the notorious Inferno Drainer group exploit a temporary smart contract functionality, resulting in a substantial theft of $150,000 from unsuspecting victims.
At the heart of this security incident lies the Pectra upgrade’s EIP-7702 protocol, an innovation designed to enhance transaction flexibility by temporarily granting standard cryptocurrency wallets the capabilities of smart contract wallets.
“We’re witnessing a significant evolution in phishing tactics”, warns SlowMist Technology’s founder, Yu Xian. Rather than traditional wallet compromises, these sophisticated attackers now deploy background processes to execute mass authorisations, catching users unaware whilst their tokens are systematically drained.
In response to this emerging threat, cybersecurity specialists are strongly advising cryptocurrency holders to conduct regular authorisation audits. Users are particularly encouraged to employ blockchain explorers such as Etherscan to detect any suspicious delegation of wallet permissions that could indicate compromise.
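The delegation check advised above can also be scripted. This added example is not from Scam Sniffer, SlowMist or Etherscan. It relies on the EIP-7702 rule that a delegated account's code is the 3-byte indicator `0xef0100` followed by the 20-byte delegate address, and it assumes the code strings were obtained from the standard `eth_getCode` JSON-RPC call. All addresses and the allowlist are constructed sample values.

```python
# Added example: flag EIP-7702 delegations that point at unknown contracts.
DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 delegation indicator


def classify_code(code_hex, trusted_delegates=frozenset()):
    """Classify an eth_getCode result; trusted_delegates must be lowercase."""
    stripped = code_hex[2:] if code_hex.lower().startswith("0x") else code_hex
    raw = bytes.fromhex(stripped)
    if not raw:
        return ("plain_eoa", None)  # no code, no delegation set
    if len(raw) == 23 and raw.startswith(DELEGATION_PREFIX):
        delegate = "0x" + raw[3:].hex()
        if delegate in trusted_delegates:
            return ("delegated_trusted", delegate)
        return ("delegated_unknown", delegate)
    return ("contract", None)  # ordinary deployed bytecode


def audit(accounts, trusted_delegates):
    """Return {account: delegate} for delegations not on the allowlist."""
    trusted = frozenset(a.lower() for a in trusted_delegates)
    findings = {}
    for addr, code in accounts.items():
        status, delegate = classify_code(code, trusted)
        if status == "delegated_unknown":
            findings[addr] = delegate
    return findings


# Constructed sample data (hypothetical addresses, not real accounts).
TRUSTED = {"0x" + "aa" * 20}  # delegate contract the owner knowingly approved
SAMPLE = {
    "0x" + "01" * 20: "0x",                      # ordinary wallet
    "0x" + "02" * 20: "0xef0100" + "aa" * 20,    # delegated to approved contract
    "0x" + "03" * 20: "0xef0100" + "bb" * 20,    # delegated to unknown contract
    "0x" + "04" * 20: "0x6080604052",            # regular smart contract
}

if __name__ == "__main__":
    for addr, delegate in audit(SAMPLE, TRUSTED).items():
        print(f"REVIEW {addr}: delegated to unrecognised contract {delegate}")
```

Any account reported here should have its delegation and outstanding token approvals reviewed before it is used again.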