Odaily Planet Daily News Blockchain security platform Scam Sniffer disclosed that the well-known phishing organization Inferno Drainer recently used Ethereum's upcoming EIP-7702 function to launch a new type of attack, which has caused users to lose $150,000 in a single transaction.
EIP-7702 is a proposal in the Ethereum Pectra upgrade that allows external accounts (EOA) to temporarily appear as smart contract wallets during transactions. Attackers use this to transfer user assets in batches through authorized MetaMask wallets instead of directly controlling wallet permissions.
Yu Xian, founder of SlowMist Technology, said that such attacks have evolved from traditional private key theft to using the "execute" command to execute malicious authorization in the background. Security experts recommend that users regularly check the token authorization status and use tools such as Etherscan to identify abnormal delegation behavior and prevent potential risks. (beincrypto)