2 June 2025
Malicious Ethereum Contracts Fail to Profit from Wallet Draining Attempts
Wintermute identified malicious Ethereum contracts, termed "CrimeEnjoyors," which exploit wallets with weak security. These contracts emerged from the EIP-7702 proposal that allows regular addresses to temporarily function as smart contracts.
The key points include:
- Over 80% of EIP-7702 delegations used reused contracts targeting vulnerable wallets.
- 97% of these delegations authorized multiple contracts with identical code, labeled as "sweepers."
- One wallet lost nearly $150,000 due to a phishing attack involving malicious transactions.
- Attackers spent approximately 2.88 ETH to authorize around 79,000 addresses.
- One address received over 52,000 permissions but has not shown inbound ETH transfers.
Despite the large-scale attempts, the attacks have not proven financially beneficial for the perpetrators.
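
A defender-side check for the delegations described above, as an added example that is not from Wintermute or the original page: it decodes the EIP-7702 delegation designator (`0xef0100` followed by the 20-byte delegate address) from an account's code and groups delegated accounts whose delegates share identical bytecode. The addresses, bytecode and function names are constructed for illustration, and SHA-256 is used only as a local grouping key.

```python
import hashlib
from collections import defaultdict

# EIP-7702 sets a delegated account's code to 0xef0100 followed by the
# 20-byte address of the contract it delegates to (23 bytes in total).
DELEGATION_PREFIX = bytes.fromhex("ef0100")

def _raw(code_hex):
    """Decode an eth_getCode style hex string ("0x..." or bare hex)."""
    return bytes.fromhex(code_hex[2:] if code_hex.startswith("0x") else code_hex)

def delegation_target(code_hex):
    """Return the delegate address (0x-prefixed, lowercase) or None."""
    raw = _raw(code_hex)
    if len(raw) == 23 and raw.startswith(DELEGATION_PREFIX):
        return "0x" + raw[3:].hex()
    return None  # plain EOA (empty code) or an ordinary contract

def cluster_delegations(account_code, delegate_code):
    """Group delegated accounts by the bytecode of their delegate.

    account_code:  {account address: code hex from eth_getCode}
    delegate_code: {lowercase delegate address: code hex from eth_getCode}
    Returns {fingerprint: {"delegates": set, "accounts": set}}.
    """
    clusters = defaultdict(lambda: {"delegates": set(), "accounts": set()})
    for account, code in account_code.items():
        target = delegation_target(code)
        if target is None:
            continue
        body = delegate_code.get(target)
        # Delegates whose bytecode was not fetched get a bucket of their own.
        fp = ("unknown:" + target if body is None
              else hashlib.sha256(_raw(body)).hexdigest()[:16])
        clusters[fp]["delegates"].add(target)
        clusters[fp]["accounts"].add(account)
    return dict(clusters)

# Constructed sample data, not real on-chain values.
D1, D2 = "0x" + "aa" * 20, "0x" + "bb" * 20
SAMPLE_ACCOUNTS = {
    "0x" + "11" * 20: "0xef0100" + "aa" * 20,  # delegated to D1
    "0x" + "22" * 20: "0xef0100" + "bb" * 20,  # delegated to D2
    "0x" + "33" * 20: "0x",                    # plain EOA, no delegation
}
SAMPLE_DELEGATES = {D1: "0x6080604052", D2: "0x6080604052"}  # identical code

if __name__ == "__main__":
    for fp, c in cluster_delegations(SAMPLE_ACCOUNTS, SAMPLE_DELEGATES).items():
        print(fp, sorted(c["delegates"]), len(c["accounts"]), "accounts")
```

A cluster with several delegate addresses but one fingerprint is the "identical code" pattern from the list above; an account owner can run `delegation_target` on their own address's code to see whether it currently delegates anywhere.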