According to an expert on cybersecurity from SCAM Sniffer, as a result of one phishing attack, the cryptoinvestor lost tokens by almost $ 1 million. It is known that he, unknowingly, signed several malicious transactions that were disguised as Uniswap swaps.
According to the founder of SlowMist, as a result of the victim’s crypto actual incident, the transaction was withdrawn through the new EIP-7702 mechanism in the Ethereum blockchain.
From the point of view of the user who gets to the phishing site, everything happens as follows: he opens a fake site, a request appears to confirm the signature in the wallet, the user presses “confirm”, and after this only action all valuable assets in the wallet instantly disappear, the expert wrote.
The EIP-7702 function in Ethereum was presented in the Pectra update to simplify the work of users on the network. It helps the wallet act as a temporary smart contract, which makes it possible to combine several transactions into a package, include gas sponsorship or set cost limits in one step. In principle, delegation can be canceled, but it depends on a particular network. However, attackers found ways to use this function for their own purposes.
Back in July, the Wintermute cryptocurrency marketer warned that more than 90% of the EIP-7702 delegation was associated with malicious contracts. Many of them are simple scripts for copying and inserts that scan vulnerable wallets and automatically devastate them.
Be in the know! Subscribe to Telegram.
Source: Cryptocurrency
I am an experienced journalist and writer with a career in the news industry. My focus is on covering Top News stories for World Stock Market, where I provide comprehensive analysis and commentary on markets around the world. I have expertise in writing both long-form articles and shorter pieces that deliver timely, relevant updates to readers.
