GoPlus Security Warns of EIP-7702 Phishing Scam After Pectra Upgrade

GoPlus Security has issued a critical security alert following the Pectra upgrade, which has led to the activation of the EIP-7702 Intelligent Account by thousands of users. This upgrade has unfortunately exposed users to a dangerous phishing scam. The malicious Delegator address, identified as 0x930fcc37d6042c79211ee18a02857cb1fd7f0d0b, has been found to automatically redirect ETH from users' accounts to the scammer's wallet once authorized. This alarming discovery underscores the importance of user vigilance and the need for robust security measures in the cryptocurrency space.

Users are strongly advised to authorize the 7702 function only through the official wallet application. It is crucial to avoid clicking on "upgrade options" in external links or emails, as these could be part of the phishing scheme. Additionally, users should always verify the contract source code to ensure they are interacting with legitimate and secure smart contracts. This incident serves as a reminder of the ongoing threats in the digital asset landscape and the necessity for continuous education and caution among users.

The phishing attack targeting the EIP-7702 smart contract highlights the evolving nature of cyber threats in the blockchain ecosystem. As more users adopt intelligent accounts and other advanced features, the risk of falling victim to sophisticated scams increases. This event emphasizes the need for enhanced security protocols and user awareness to mitigate such risks. The cryptocurrency community must remain vigilant and proactive in identifying and addressing potential vulnerabilities to protect users' assets and maintain trust in the system.