Unilabs poses challenge to Ethereum as one of the fastest growing altcoins

Ethereum’s Pectra upgrade facing mounting exploit concerns

easy way to earn money with your business

Concerns continue to mount over Ethereum’s latest protocol upgrade as security risks attract malicious actors aiming to drain user wallets.

The Ethereum Improvement Proposal EIP-7702, part of the Pectra upgrade introduced earlier this year, is drawing scrutiny across the crypto industry after numerous exploits have been observed on chain.

Proposed by co-founder Vitalik Buterin, the upgrade was originally designed to enhance wallet functionality by allowing standard Ethereum wallets to temporarily behave like smart contracts.

However, the feature has attracted significant attention from malicious actors exploiting its capabilities.

Ethereum EIP-7702 Exploits on the Rise

Security researchers have identified that multiple EIP-7702 delegations are linked to malicious wallet-draining bots began on May 30, 2025, after crypto market maker Wintermute flagged a surge in malicious smart contracts abusing the new delegation feature.

While EIP-7702 brings new convenience, it also introduces new risks

Our Research team found that over 97% of all EIP-7702 delegations were authorized to multiple contracts using the same exact code. These are sweepers, used to automatically drain incoming ETH from compromised… pic.twitter.com/xHp7zr4hC9

— Wintermute (@wintermute_t) May 30, 2025

Nicknamed “CrimeEnjoyors,” the contracts are short, reusable snippets of code that automatically scan delegated wallets for vulnerabilities and attempt to sweep funds to attacker-controlled addresses. These malicious scripts automate fund theft from compromised wallets by silently batching fraudulent token approvals in undetectable patterns.

While Wintermute added that many of the malicious contracts have yet to successfully extract funds, some users have already fallen victim. On May 24, 2025, crypto anti-scam platform Scam Sniffer revealed that one user lost approximately $150,000 in ETH to a phishing attack that leveraged a malicious contract using EIP-7702 delegation.

🚨 ALERT: An address upgraded to EIP-7702 lost $146,551 through malicious batched transactions in phishing attack. pic.twitter.com/7GbamqOZVI

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) May 24, 2025

The root issue often stems from compromised private keys, which EIP-7702’s functionality exacerbates by enabling rapid, automated theft. Blockchain security firm SlowMist founder Yu stressed the potential impact of the vulnerability, echoing broader calls for users to exercise vigilance.

How to Stay Safe

According to a March 2025 analysis by SlowMist, cautious signing, verified contracts, and smart development practices are key to staying safe with EIP-7702. Users are advised to verify target contracts before delegating access, and avoid interacting with suspicious DApps.

Wallet providers are also urged to display clear warnings during the delegation process, which could serve as an extra layer of protection for users against phishing attempts.

Source link