Hackers Exploit Ethereum’s New Upgrade EIP-7702 to Steal Over $140,000! MetaMask Wallet Becomes New Target

New Phishing Attack on Ethereum Wallets Shocks Blockchain Community

Recently, a new type of phishing attack targeting Ethereum wallets has shocked the blockchain community, with hackers successfully stealing $146,551 worth of crypto assets by exploiting a feature in Ethereum’s latest upgrade, EIP-7702. According to a report by blockchain security company SlowMist, the attackers initiated malicious batch transactions through MetaMask’s EIP-7702 Delegator, circumventing the traditional security mechanisms of the wallet.

EIP-7702: An Upgrade Turned Vulnerability?

EIP-7702 is a recently introduced upgrade proposal for Ethereum that allows wallet users to perform batched transactions via a “Delegator.” Originally intended to enhance operational efficiency and programmability, this feature has now been exploited by hackers as a conduit for asset theft. Through this new capability, the fraudsters were able to silently approve token transfers without adequate user authorization, effectively opening a backdoor behind the user’s back.

MetaMask Users Targeted: Hackers Harvesting Silently

In this incident, hackers deployed malicious Delegator contracts to lure users into interaction, subsequently executing batch transactions to extract assets. One MetaMask user fell victim, suffering a loss of up to $146,551. SlowMist founder Yu Xian stated that cases of phishing attacks targeting new features are becoming increasingly prevalent, with hackers quickly adapting to the upgrade pace of Ethereum and deploying fraudulent strategies targeting new functionalities.

Behind the Scenes: Inferno Drainer Resurfaces

This attack has been attributed to the notorious hacker group Inferno Drainer. According to a report by Check Point Research on May 7, 2025, this organization has been linked to over 30,000 wallet attack incidents in the past six months, accumulating losses of $9 million. Inferno Drainer is known for designing bait websites and fraudulent smart contracts, leveraging the latest blockchain features to further upgrade their phishing techniques. The EIP-7702 incident once again confirms their active presence.

Security Warning Issued Earlier: Malicious Addresses Exposed

In fact, on May 20, 2025, blockchain security company GoPlus Security had warned the community that a malicious Delegator address related to EIP-7702 was circulating. The warning preceded the attack, and it highlighted the insufficient response of users and the entire DeFi ecosystem when facing new upgrades.

April Fraud Wave: Over 7,500 Wallets Compromised, Losses Exceeding $5.3 Million

This incident is not isolated. In April 2025, the entire cryptocurrency ecosystem faced a massive wave of phishing attacks, with 7,565 wallets compromised and asset losses reaching $5.3 million. This indicates that fraudulent techniques are continuously evolving, and users’ risks are consequently increasing.

How Can Users Protect Themselves? Stay Vigilant of New Features and Avoid Authorization Traps

In the face of these fraud attacks implemented through new features, users must remain particularly vigilant. The following recommendations can effectively enhance security:

  • Avoid clicking on links provided by unknown websites or DApps.
  • Verify the content and address of each transaction authorization.
  • Maintain a skeptical attitude towards smart contracts and features that have not been widely verified.
  • Utilize blockchain security extension tools such as Pocket Universe or ScamSniffer to assist in judging transaction safety.
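
The second recommendation above, sketched as an added example (not code from SlowMist, MetaMask or the original article): a Python check that reads an account's code for the EIP-7702 delegation indicator and flags token approvals or transfers in a batch that benefit an address the user does not recognise. It assumes the batch has already been decoded into (target, calldata) pairs and that addresses are lowercase hex; the function names and every address and calldata value are constructed for illustration.

```python
# Added example: all addresses and calldata below are constructed sample values.
DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 delegation indicator
MAX_UINT256 = 2**256 - 1
# Token selectors whose first argument is the address that gains access or funds
SELECTORS = {"095ea7b3": "approve", "a22cb465": "setApprovalForAll", "a9059cbb": "transfer"}

def unhex(s):
    return bytes.fromhex(s[2:] if s.startswith("0x") else s)

def delegate_of(code_hex):
    """Return the delegate address if the account code is an EIP-7702
    delegation indicator (0xef0100 followed by 20 address bytes), else None."""
    code = unhex(code_hex)
    if len(code) == 23 and code.startswith(DELEGATION_PREFIX):
        return "0x" + code[3:].hex()
    return None

def review_batch(code_hex, calls, trusted_delegates, known_parties):
    """calls: list of (target, calldata_hex) already decoded from the batch."""
    findings = []
    delegate = delegate_of(code_hex)
    if delegate and delegate not in trusted_delegates:
        findings.append(f"account code delegates to unrecognised {delegate}")
    for i, (target, calldata_hex) in enumerate(calls):
        data = unhex(calldata_hex)
        name = SELECTORS.get(data[:4].hex())
        if name is None or len(data) < 68:
            continue  # not one of the token calls this check understands
        party = "0x" + data[16:36].hex()             # low 20 bytes of ABI word 1
        amount = int.from_bytes(data[36:68], "big")  # ABI word 2
        if party not in known_parties:
            note = "unlimited " if name == "approve" and amount == MAX_UINT256 else ""
            findings.append(f"call {i}: {note}{name} on {target} benefits unknown {party}")
    return findings

# Constructed sample: an account delegated to a delegator the user trusts, and a
# two-call batch that approves an unknown spender and then transfers to it.
TRUSTED = "0x" + "aa" * 20
SPENDER = "0x" + "bb" * 20
TOKEN = "0x" + "cc" * 20
CODE = "0xef0100" + "aa" * 20

def pad(addr):
    return "00" * 12 + addr[2:]  # left-pad an address to a 32-byte ABI word

BATCH = [
    (TOKEN, "0x095ea7b3" + pad(SPENDER) + "ff" * 32),
    (TOKEN, "0xa9059cbb" + pad(SPENDER) + f"{10**18:064x}"),
]
```

A trusted delegator does not make the batch safe: with `TRUSTED` allowlisted, `review_batch(CODE, BATCH, {TRUSTED}, set())` still reports both token calls.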

The advancements in Ethereum bring more possibilities to the ecosystem, but they also mean that hacker toolkits are upgrading in tandem. Only by raising awareness can users safeguard their assets in this race of upgrades and countermeasures.

Risk Warning

Investing in cryptocurrencies carries a high level of risk, and prices may fluctuate dramatically, potentially resulting in the loss of your entire principal. Please assess risks carefully.
