A recent update in one of the leading altcoins — specifically Ethereum — has introduced an advanced yet potentially dangerous feature that has quickly become a tool for exploitation. Crypto trading firm Wintermute has issued a serious security alert regarding the misuse of EIP-7702, a new feature launched as part of the Pectra hard fork.
🔹 EIP-7702: Innovation or Exploitation Risk?
The feature EIP-7702 introduces a concept called account abstraction, which allows regular wallets to temporarily function as smart contracts. Promoted by Ethereum co-founder Vitalik Buterin, the function is designed to enable users to:
🔹 batch multiple transactions,
🔹 let someone else pay for gas fees,
🔹 and use social authentication within a single transaction.
However, this innovation has quickly turned into a security threat in the wrong hands.
Wintermute: Over 80% of EIP-7702 Usage Is Malicious
According to data analyzed via Dune Analytics, Wintermute revealed a troubling trend:
More than 80% of EIP-7702 delegations are being exploited in “CrimeEnjoyor” attacks.
The method is simple — a short, copy-pasted smart contract code is repeatedly deployed across different addresses. The contract automatically transfers assets from wallets (whose private keys have been leaked) to addresses controlled by the attacker.
“The CrimeEnjoyor contract is short, simple, and widely used,” Wintermute reported. “This replicated bytecode now dominates EIP-7702 delegations. It’s darkly ironic.”
Scam Sniffer and SlowMist Also Issue Warnings
Other security firms have echoed Wintermute's concerns:
🔹 Scam Sniffer reported a malicious transaction linked to the notorious Inferno Drainer scam network, which led to losses of approximately $150,000.
🔹 SlowMist emphasized that wallet providers must support clear identification of destination addresses in smart contracts that users are prompted to sign.
Experts are urging increased transparency and user education to prevent unsuspecting users from authorizing harmful transactions.
❗ Recommendations for Users
🔹 Carefully review smart contract content before signing
🔹 Avoid unverified or suspicious apps utilizing EIP-7702
🔹 Use wallets with enhanced security features and alerts
🔹 Follow tools like Scam Sniffer to detect threats early
💬 Question for readers: Do you believe features like EIP-7702 are the future of crypto wallets—or too risky for widespread adoption?
#EthereumUpdate , #CyberSecurity , #CryptoScamAlert , #BlockchainSecurity , #CryptoNewss
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“