2 June 2025
Blockchain Security Firm Warns of EIP-7702 Exploitation Affecting Ethereum
Wintermute has identified significant abuse of Ethereum Improvement Proposal (EIP) 7702, introduced after the Ethereum Pectra upgrade. EIP-7702 enables wallets to temporarily mimic smart contracts for transaction batching, gas fee sponsorship, and spending controls.
- Over 80% of EIP-7702 delegations are associated with automated "sweeper" contracts that drain wallets with compromised private keys.
- The malicious contract, named “CrimeEnjoyor,” uses copy-paste code to exploit these wallets, transferring ETH directly to attackers.
- 97% of EIP-7702 delegations feature nearly identical malicious bytecode.
- Security experts stress the importance of private key security and suggest improving visibility into delegation targets to reduce phishing risks.
- Since the May 7 launch of the Ethereum Pectra upgrade, over 12,000 EIP-7702-related transactions have occurred, with users reportedly losing substantial amounts, including one individual who lost close to $150,000 due to malware.
Investment Inflows in Ethereum
- Ethereum led digital asset inflows last week with $286 million, raising total seven-week inflows to $10.9 billion.
- In one week, Ethereum attracted $321 million, marking six consecutive weeks of inflows totaling $1.19 billion.
- Ethereum ETFs contributed significantly, recording ten consecutive sessions of net positive flows.
- ETH price is under pressure, recently dropping below $2,500 amid concerns related to the Pectra upgrade attack.
- Vitalik Buterin announced plans to enhance Ethereum's layer 1 scalability by 10x within a year without sacrificing decentralization.