Inferno Drainer leverages Ethereum's EIP-7702 to carry out a new attack, resulting in a single loss of $150,000

PANews reported on May 26 that according to Beincrypto, the blockchain security platform Scam Sniffer disclosed that the well-known phishing organization Inferno Drainer recently used Ethereum's EIP-7702 upgrade feature to carry out a new attack, which has caused a single loss of $150,000. EIP-7702 is a key part of the Pectra upgrade, which allows an externally owned account (EOA) to temporarily act as a smart contract wallet during a transaction, and attackers can perform bulk token transfer operations through an authorized MetaMask wallet.

Yu Sine, the founder of SlowMist Technology, pointed out that this attack marks an upgrade in phishing tactics: the attacker no longer directly hijacks the wallet, but uses the "execute" command to perform malicious batch authorization in the background. Security experts recommend that users regularly check the token authorization status and check whether the wallet has been maliciously delegated through tools such as Etherscan.

4.4K

The content on this page is provided by third parties. Unless otherwise stated, OKX is not the author of the cited article(s) and does not claim any copyright in the materials. The content is provided for informational purposes only and does not represent the views of OKX. It is not intended to be an endorsement of any kind and should not be considered investment advice or a solicitation to buy or sell digital assets. To the extent generative AI is utilized to provide summaries or other information, such AI generated content may be inaccurate or inconsistent. Please read the linked article for more details and information. OKX is not responsible for content hosted on third party sites. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition.