According to anti-fraud service Scam Sniffer, a cryptocurrency investor recently lost a total of $1.54 million after signing EIP-7702 phishing batch transactions.
Wrapped ETH (wstETH), wrapped BTC (cbBTC), as well as multiple types of other tokens, were stolen during the attack.
Batch transactions, which make it possible to perform multiple operations within a single atomic transaction, were introduced with EIP-7702, which was part of the recent Pectra upgrade.
Even though batch transactions provide a greater level of convenience for legitimate users, they also come with risks. Bad actors can exploit the new feature to trick their victims into singing away their assets.
Such scams typically involve a bogus decentralized finance (DeFi) interface that closely resembles actual applications such as popular decentralized exchange Uniswap.
You Might Also Like
By approving multiple hidden transfers, a user allows a potential attacker to drain their funds in just mere seconds.
Such malicious transactions tend to appear normal on the surface, and some users are not aware of potential risks due to the novelty of EIP-7702.
$1 million worth of NFTs lost
Earlier this week, Scam Sniffer also revealed that someone had lost a total of $1 million of non-fungible tokens (NFTS) as well as other tokens as after signing phishing batch transactions that were actually disguised as Uniswap swaps.
An extremely similar incident also took place earlier this month.
“We’ve spotted multiple victims with this pattern targeting EIP-7702 upgraded addresses,” Scam Sniffer said earlier this month, urging holders to remain vigilant.
Source: https://u.today/crypto-investor-loses-154-million-in-devastating-phishing-scam