Ethereum News Today: Crypto Investor Loses $1M in EIP-7702-Linked Phishing Scam

Generated by AI Agent, Coin World
Friday, Aug 22, 2025, 2:41 pm ET

Summary

- A crypto investor lost $1M via a phishing scam exploiting Ethereum's EIP-7702 upgrade, draining assets through a fake Uniswap transaction.

- Attackers used malicious contracts to mimic swaps, tricking users into approving irreversible asset transfers via deceptive wallet prompts.

- EIP-7702, designed for batch transactions, was weaponized by hackers to siphon funds from vulnerable wallets without further user interaction.

- Security firms warn 90%+ of EIP-7702 delegations link to malicious contracts, urging caution over unlimited token approvals and unverified upgrades.

- The incident highlights DeFi risks from rapid protocol changes, emphasizing the need for stronger safeguards and user education before EIP activation.

A crypto investor recently lost nearly $1 million after falling victim to a phishing scam that exploited Ethereum’s proposed EIP-7702 upgrade, according to blockchain security firm Scam Sniffer [1]. The attacker used a malicious contract to mimic a legitimate swap, tricking the user into approving a batch of transactions that quickly drained their wallet of five different tokens.

The scam worked by luring the victim to a phishing website where they unknowingly signed a transaction that appeared to be a standard swap. Once confirmed, the attacker immediately withdrew the assets, leaving the user with an empty wallet. “From the perspective of a phished user, it goes like this: the user opens a phishing website, a wallet signature prompt pops up, the user clicks confirm, and with just that one action, all valuable assets in the wallet address vanish in a snap,” explained Yu Xiang, founder of security firm SlowMist [1].

EIP-7702, introduced in Ethereum’s Pectra upgrade, was designed to improve the user experience by allowing a wallet to act as a temporary smart contract, enabling batched transactions and gas sponsorship. While the delegation is supposed to be revocable and limited to a specific network, attackers have found ways to weaponize the feature, using it to siphon assets from vulnerable wallets [1].

Wintermute, a crypto market maker, warned in a June analysis that over 90% of EIP-7702 delegations were linked to malicious contracts. These scripts automatically scan for wallets with weak security and drain their holdings without requiring further user interaction [1]. Scam Sniffer and security experts like Xiang urged crypto users to exercise caution before signing any wallet prompts, especially those requesting unlimited token approvals or contract upgrades under EIP-7702.
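The two preceding paragraphs describe the two wallet prompts a user should scrutinize: an EIP-7702 delegation (which is supposed to be revocable and bound to one network) and an unlimited token approval. As an added example, not code from the article or from Scam Sniffer, SlowMist or Wintermute, the Python below implements the corresponding pre-signing checks. After delegation, an account's code under EIP-7702 is the designator `0xef0100` followed by the 20-byte delegate address, and an authorization carries a `chain_id` (0 meaning valid on every chain) and a target address (the zero address revokes). An ERC-20 `approve(address,uint256)` call is recognised by its selector `0x095ea7b3`, with `2**256 - 1` as the unlimited amount. The allowlist entries, account code, authorization and calldata are all constructed placeholders, not real contracts or transactions.

```python
# Added example: pre-signing checks for EIP-7702 delegations and ERC-20 approvals.
# Not code from the article or the firms it cites; addresses below are placeholders
# and every input is constructed for the demonstration.

DELEGATION_PREFIX = bytes.fromhex("ef0100")   # EIP-7702 delegation designator prefix
APPROVE_SELECTOR = bytes.fromhex("095ea7b3")  # keccak256("approve(address,uint256)")[:4]
UINT256_MAX = 2**256 - 1                      # the "unlimited" approval amount
ZERO_ADDRESS = "0x" + "00" * 20               # delegating here revokes an existing delegation

# Placeholder allowlist of contracts the user has decided to trust (not real addresses).
TRUSTED_CONTRACTS = {"0x" + "11" * 20}


def _norm(addr: str) -> str:
    return addr.lower()


def parse_delegation(code: bytes):
    """Return the delegate address if `code` (the eth_getCode result for an
    account) is an EIP-7702 designator, i.e. 0xef0100 || 20-byte address."""
    if len(code) == 23 and code[:3] == DELEGATION_PREFIX:
        return "0x" + code[3:].hex()
    return None  # empty (plain EOA) or ordinary contract bytecode


def check_account_code(code: bytes, trusted=TRUSTED_CONTRACTS) -> list:
    """Flag an account that is currently delegated to a contract not in `trusted`."""
    delegate = parse_delegation(code)
    if delegate is None:
        return []
    if _norm(delegate) not in {_norm(a) for a in trusted}:
        return [f"account delegates to unknown contract {delegate}"]
    return []


def check_authorization(auth: dict, expected_chain_id: int, trusted=TRUSTED_CONTRACTS) -> list:
    """Inspect the chain_id and address fields of an EIP-7702 authorization tuple
    before it is signed; the signature fields are not needed for these checks."""
    findings = []
    if _norm(auth["address"]) == ZERO_ADDRESS:
        return findings  # revocation of a delegation, nothing to warn about
    if auth["chain_id"] == 0:
        findings.append("chain_id 0 makes the authorization valid on every chain")
    elif auth["chain_id"] != expected_chain_id:
        findings.append(f"authorization is for chain {auth['chain_id']}, wallet is on {expected_chain_id}")
    if _norm(auth["address"]) not in {_norm(a) for a in trusted}:
        findings.append(f"delegation target {auth['address']} is not a trusted contract")
    return findings


def encode_approve(spender: str, amount: int) -> bytes:
    """ABI-encode approve(spender, amount); used here only to build sample calldata."""
    return APPROVE_SELECTOR + bytes(12) + bytes.fromhex(spender[2:]) + amount.to_bytes(32, "big")


def decode_approve(calldata: bytes):
    """Return (spender, amount) if `calldata` is an ERC-20 approve call, else None."""
    if len(calldata) != 68 or calldata[:4] != APPROVE_SELECTOR:
        return None
    spender = "0x" + calldata[16:36].hex()  # address is right-aligned in its 32-byte word
    amount = int.from_bytes(calldata[36:68], "big")
    return spender, amount


def check_approve(calldata: bytes, trusted=TRUSTED_CONTRACTS) -> list:
    """Flag unlimited approvals and approvals granted to unknown spenders."""
    decoded = decode_approve(calldata)
    if decoded is None:
        return []
    spender, amount = decoded
    findings = []
    if amount == UINT256_MAX:
        findings.append(f"unlimited token approval to {spender}")
    if _norm(spender) not in {_norm(a) for a in trusted}:
        findings.append(f"spender {spender} is not a trusted contract")
    return findings


if __name__ == "__main__":
    # Constructed inputs: an account delegated to an unknown contract, an
    # authorization valid on any chain, and an unlimited approve() to the same address.
    unknown = "0x" + "22" * 20
    delegated_code = DELEGATION_PREFIX + bytes.fromhex(unknown[2:])
    for finding in (check_account_code(delegated_code)
                    + check_authorization({"chain_id": 0, "address": unknown, "nonce": 7}, 1)
                    + check_approve(encode_approve(unknown, UINT256_MAX))):
        print("WARN:", finding)
```

Each check returns a list of findings rather than a verdict, so a wallet or monitoring script can decide whether to block, warn, or merely log; an empty list means the prompt matches the user's own allowlist and a bounded amount, which is the baseline the article's security sources recommend.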

The incident underscores the growing risks associated with rapid protocol changes in the DeFi space. Although EIP-7702 is still in the proposal stage and not yet activated, the exploit highlights the potential for misuse before proper safeguards are implemented [1]. Analysts stress the need for rigorous testing, user education, and improved verification mechanisms to mitigate similar attacks in the future [1].

Source: [1] Crypto investor loses $1M in Uniswap scam exploiting Ethereum’s EIP-7702 (https://cryptoslate.com/crypto-investor-loses-1m-in-uniswap-scam-exploiting-ethereums-eip-7702/)