Ethereum aimed to make user experience smoother with its latest update… but instead, it opened the door to scammers. 🔓

The newly released EIP-7702, launched on May 7 as part of the Pectra upgrade, was designed to give regular users a smarter way to interact with Ethereum. But now it’s becoming clear: fraudsters have already figured out how to exploit it – and they’re wasting no time.

🧠 What Is EIP-7702, and Why Does It Matter?

EIP-7702 allows regular Ethereum wallets (externally owned accounts, or EOAs) to temporarily act like smart contract wallets by delegating control through a signed message.

Sounds great, right? In theory, yes – it makes transactions more flexible and user-friendly. But in practice, it has opened up a brand-new attack vector for phishing scams.

🚨 The Threat: Fake Delegators Stealing Your ETH

According to cybersecurity firm GoPlus Security, attackers are already posing as trusted “delegators.” Once a user grants them permission, any ETH sent to the user’s wallet is instantly redirected to the scammer.

GoPlus found that once users authorize the malicious delegator address, any ETH transferred to their account gets automatically redirected to the scammer’s address. Source: GoPlus Security

One example is address 0x930f...fd0b – once authorized, it forwards all funds to another scam address like 0x000085bad (yes, even the name screams “don’t trust me”).

These scams are exploiting users’ trust in the Ethereum upgrade. And unless you're careful, you could fall into the same trap.

Every ETH transferred to victims’ wallets get auto-redirected to scammer wallet 0x000085bad. Source: GoPlus Security

🛡️ How to Stay Safe

GoPlus and other experts strongly recommend:

🔹 Never trust email links or unknown URLs that ask you to upgrade to EIP-7702

🔹 Only use official wallet interfaces (like MetaMask) to interact with 7702 features

🔹 Double-check delegation addresses

🔹 And most importantly – never sign messages you don’t understand

🔐 Hardware Wallets? No Longer Invincible

It used to be that hardware wallets were the gold standard in security. But that’s no longer guaranteed. According to Yehor Rudytsia from Hacken, even hardware wallets can sign malicious messages, just like hot wallets.

And EIP-7702 has another vulnerability: it allows signatures with chain_id = 0, meaning your signed message can be replayed across any EVM-compatible chain. That’s a huge red flag.

🔑 Multisig Wallets Still Hold Strong

While single-signature wallets (even hardware-based) are now at risk, multisig wallets remain more secure. They require approval from multiple signers – making unauthorized transactions much harder.

✅ The Bottom Line: EIP-7702 Has Promise – But Watch Your Step

There’s no doubt that EIP-7702 could revolutionize Ethereum user experience. But right now, it’s like giving someone a sports car… without brakes.

👉 If someone tells you to “upgrade” via a link or email – it’s 100% a scam.

👉 Stay alert. Think before you sign.

In crypto, one wrong click can cost you everything. 🧠💸



#Ethereum , #Cryptoscam , #CryptoSecurity , #phishing , #CyberSecurity

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!

Notice:

,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“