Inferno Drainer Exploits Ethereum EIP-7702 Upgrade, Stealing $150,000

The phishing group Inferno Drainer exploited a new attack vector built on the Ethereum EIP-7702 upgrade feature, causing a loss of approximately $150,000 in a single transaction. The incident shows a novel approach to phishing: attackers no longer hijack wallets directly but instead lure users into triggering MetaMask's "execute" command. This command silently executes malicious batch approvals in the background, so assets are transferred without the user's immediate awareness.
The EIP-7702 upgrade, a key feature of the Pectra upgrade, allows an externally owned account (EOA) to temporarily possess smart contract capabilities during a transaction. This capability was leveraged by the attacker, who used an authorized MetaMask wallet to initiate batch token transfer operations. The attack demonstrates a sophisticated understanding of the Ethereum network and its recent upgrades, exploiting the temporary smart contract capabilities to execute unauthorized transactions.
SlowMist founder Cao Yin commented on the incident, noting that this event marks an evolution in phishing strategies. Attackers are now employing more subtle methods to deceive users, making it increasingly difficult for individuals to detect and prevent such attacks. The use of MetaMask's "execute" command allows attackers to bypass traditional security measures, as the malicious approvals are executed silently in the background.
This incident serves as a reminder of the importance of vigilance and security awareness in the cryptocurrency space. Users are advised to be cautious when interacting with unfamiliar wallets or smart contracts, and to thoroughly review all transaction details before authorizing any operations. Additionally, the incident underscores the need for continuous improvement in security protocols and user education to mitigate the risks associated with phishing attacks and other malicious activities.
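
A pre-signing check of the kind the advice above calls for, as an added example that is not from the article, MetaMask or SlowMist: it flags token approvals and transfers inside a batch and reads an account's EIP-7702 delegation from its code. The batch is assumed to be already decoded into `{to, data}` calls (the article does not give the wire format); `reviewBatch`, `delegationTarget` and all sample addresses are constructed for illustration.

```javascript
// Added example; function names and sample values are constructed for illustration.
const RISKY = {
  "095ea7b3": "approve",           // approve(address,uint256)
  "39509351": "increaseAllowance", // increaseAllowance(address,uint256)
  "a22cb465": "setApprovalForAll", // setApprovalForAll(address,bool)
  "a9059cbb": "transfer",          // transfer(address,uint256)
};
const MAX_UINT256 = (1n << 256n) - 1n;
const strip = (h) => h.toLowerCase().replace(/^0x/, "");

// EIP-7702 sets a delegated EOA's code to 0xef0100 || 20-byte delegate address.
function delegationTarget(code) {
  const hex = strip(code);
  return hex.length === 46 && hex.startsWith("ef0100") ? "0x" + hex.slice(6) : null;
}

// calls: [{ to, data }] already decoded from the batch (wire format is assumed,
// not taken from the page); trusted: lowercase addresses the user allowlists.
function reviewBatch(calls, trusted = []) {
  const findings = [];
  calls.forEach((call, index) => {
    const hex = strip(call.data);
    const name = RISKY[hex.slice(0, 8)];
    if (!name) return;                               // not a token grant or transfer
    if (hex.length < 8 + 128) {                      // selector + two 32-byte words
      findings.push({ index, name, token: call.to, note: "truncated calldata" });
      return;
    }
    const party = "0x" + hex.slice(8 + 24, 8 + 64);  // spender, operator or recipient
    const value = BigInt("0x" + hex.slice(8 + 64, 8 + 128)); // amount or bool flag
    if (name !== "transfer" && value === 0n) return; // revocation, nothing granted
    if (trusted.includes(party)) return;
    const unlimited = name !== "setApprovalForAll" && value === MAX_UINT256;
    findings.push({ index, name, token: call.to, party, unlimited });
  });
  return findings;
}

// Constructed sample batch: one unlimited approval, one operator grant, one no-op call.
const word = (h) => strip(h).padStart(64, "0");
const SPENDER = "0x" + "ab".repeat(20);
const SAMPLE_BATCH = [
  { to: "0x" + "11".repeat(20), data: "0x095ea7b3" + word(SPENDER) + "f".repeat(64) },
  { to: "0x" + "22".repeat(20), data: "0xa22cb465" + word(SPENDER) + word("0x1") },
  { to: "0x" + "33".repeat(20), data: "0x06fdde03" }, // name(), read-only
];
console.log(reviewBatch(SAMPLE_BATCH));
console.log(delegationTarget("0xef0100" + "cd".repeat(20)));
```

A non-null `delegationTarget` result on an account that never knowingly delegated, or any finding whose `party` is not an address the user recognises, is the signal to stop before signing.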
