Ethereum recently got a major boost with the Pectra upgrade, following the success of ‘The Merge’. One key feature, EIP-7702, promised to make wallets easier to use. But it is now facing backlash as it is being attacked by malicious actors.
EIP-7702, proposed by Vitalik Buterin, was designed to improve Ethereum wallets by allowing them to act like smart contracts briefly. This meant easier transactions, gas fee sponsorships, and better features like spending limits and passkey authorization. But in reality, it has opened the door for scams.
Wintermute, a blockchain security firm, found that over 80% of wallet delegations are linked to one malicious script called “CrimeEnjoyor.” It hijacks wallets and instantly drains their funds to attacker-controlled addresses, all while pretending to offer a better user experience.
“Our Research team found that over 97% of all EIP-7702 delegations were authorized to multiple contracts using the same exact code. These are sweepers, used to automatically drain incoming ETH from compromised addresses,” Wintermute, shared in a recent X post.
“The CrimeEnjoyor contract is short, simple, and widely reused. This one copy-pasted bytecode now accounts for the majority of all EIP-7702 delegations. It’s funny, bleak, and fascinating at the same time.”
Scam Sniffer reported that one wallet lost nearly $150K in a phishing scam tied to Inferno Drainer. As Ethereum adds new features, scams like this are rising, which often catch users off guard.
Experts note that the EIP-7702 isn’t the real problem, but weak key security is. Stolen or leaked private keys remain the biggest risk. Researchers warn that while 7702 makes transactions smoother, it also makes wallet-draining attacks cheaper and faster.
Firms like SlowMist have urged the wallet providers to improve security features and make contact details more visible. Their message is that convenience should not compromise protection.
Despite the massive wallet-draining attempts, attackers have not made a lot of profit. They spent about 2.88 ETH to target nearly 79,000 wallets. One address alone handled over 52,000 of these authorizations.
The stolen ETH is traceable, but so far, the main wallets tied to these scams have not received any funds, which means that the attacks may not be paying off yet.
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
Investors are watching the crypto market closely this October as a wave of new ETFs…
The Cardano price is showing strong signs of accumulation as October unfolds, with both technical…
The banking world is changing fast. Traditional methods are slowly giving way to digital innovation,…
The cryptocurrency market is fast, unpredictable, and full of opportunity. But for most traders, keeping…
The crypto market seems to be entering one of its most exciting phases, the beginning…
The crypto world never sleeps — and neither do investors looking for the next breakout.…
