Ethereum’s latest upgrade, EIP-7702, is facing harsh scrutiny after hackers exploited the feature in a string of phishing attacks that drained over $1.5 million from one investor.
The upgrade, introduced with May’s Pectra hard fork, was designed to make wallets smarter by letting regular Ethereum addresses temporarily act like smart contracts. While this allows users to bundle multiple actions into a single transaction, security experts say it has also created new attack surfaces.
A Growing Wave of Scams
Anti-fraud service Scam Sniffer has tracked at least three major cases this month alone. In the most recent incident, a victim unknowingly signed a batch of malicious approvals disguised as routine transfers. Within seconds, attackers swept $1.54 million in tokens and NFTs, later bridging much of it to Ethereum’s mainnet.
Just days earlier, another investor lost $1 million in a near-identical trap mimicking a Uniswap interface, while a separate case in June saw $66,000 vanish. The method is consistent: fake DeFi sites lure users into approving hidden transfers that drain entire wallets.
Warnings from Security Firms
Wintermute researchers had already flagged the risks back in June, noting that most delegations tied to EIP-7702 were pointing to identical “sweeper” contracts designed to instantly steal incoming ETH.
Scam Sniffer says the threat is escalating as more addresses upgrade under the new standard, with many users unaware of the dangers.
What Users Can Do
Experts advise extra caution when signing batch transactions and avoiding unfamiliar interfaces, no matter how convincing they look. The safest approach, they stress, is sticking to trusted applications and double-checking every permission request.
EIP-7702 may have been meant to streamline Ethereum, but for now, it’s giving hackers an efficient new playground.
The information provided in this article is for informational purposes only and does not constitute financial, investment, or trading advice. Coindoo.com does not endorse or recommend any specific investment strategy or cryptocurrency. Always conduct your own research and consult with a licensed financial advisor before making any investment decisions.
Alex is an experienced financial journalist and cryptocurrency enthusiast. With over 8 years of experience covering the crypto, blockchain, and fintech industries, he is well-versed in the complex and ever-evolving world of digital assets. His insightful and thought-provoking articles provide readers with a clear picture of the latest developments and trends in the market. His approach allows him to break down complex ideas into accessible and in-depth content. Follow his publications to stay up to date with the most important trends and topics.
Source: https://coindoo.com/ethereums-new-upgrade-backfires-hackers-steal-1-5m-overnight/