The EIP-7702 phishing attack is an Ethereum phishing scam that used a malicious delegation flow and Uniswap‑lookalike batch transactions to drain a wallet for ~$1M. Users approved a deceptive wallet signature, enabling the attacker to execute token swaps and batch transfers that emptied the address.
Attack vector: deceptive wallet signature prompts mimicking Uniswap transactions.
Exploit used EIP-7702 delegation mechanics to authorize batch token operations without further user action.
Security impact: one wallet lost approximately $1,000,000; highlights urgent wallet-side validation needs.
EIP-7702 phishing: Ethereum phishing scam drained ~$1M via malicious signature and Uniswap-like transactions — learn how to protect your wallet now.
What is EIP-7702 phishing?
EIP-7702 phishing refers to attacks that exploit Ethereum’s delegated transaction mechanics to trick users into signing a one-time authorization that allows malicious Uniswap‑style batch operations. The result can be immediate wallet drains when a user approves a crafted signature on a phishing site.
‘,
‘
🚀 Advanced Trading Tools Await You!
Maximize your potential. Join now and start trading!
‘,
‘
📈 Professional Trading Platform
Leverage advanced tools and a wide range of coins to boost your investments. Sign up now!
‘
];
var adplace = document.getElementById(“ads-bitget”);
if (adplace) {
var sessperindex = parseInt(sessionStorage.getItem(“adsindexBitget”));
var adsindex = isNaN(sessperindex) ? Math.floor(Math.random() * adscodesBitget.length) : sessperindex;
adplace.innerHTML = adscodesBitget[adsindex];
sessperindex = adsindex === adscodesBitget.length – 1 ? 0 : adsindex + 1;
sessionStorage.setItem(“adsindexBitget”, sessperindex);
}
})();
The attacker hosted a phishing page that mimicked a decentralized exchange. A wallet signature prompt appeared and, when approved, granted the attacker delegation rights under EIP‑7702 semantics. Malicious batch transactions then swapped and transferred multiple tokens in rapid succession.
Security researchers and incident responders, including comments from Yu Xiang at SlowMist Security, note that a single confirmed signature can permit systematic token siphoning. Reported losses in this incident total approximately $1,000,000.
‘
];
var adplace = document.getElementById(“ads-binance”);
if (adplace) {
var sessperindex = parseInt(sessionStorage.getItem(“adsindexBinance”));
var adsindex = isNaN(sessperindex) ? Math.floor(Math.random() * adscodesBinance.length) : sessperindex;
adplace.innerHTML = adscodesBinance[adsindex];
sessperindex = adsindex === adscodesBinance.length – 1 ? 0 : adsindex + 1;
sessionStorage.setItem(“adsindexBinance”, sessperindex);
}
})();
Source: https://en.coinotag.com/ethereum-eip-7702-phishing-exploit-may-have-led-to-1-million-loss-using-uniswap-like-transactions/