Inferno Drainer has implemented a new type of attack using Ethereum's EIP-7702, resulting in a single loss of $150,000

According to reports from Hash World, the blockchain security platform Scam Sniffer has disclosed that the notorious phishing organization Inferno Drainer has recently utilized the Ethereum EIP-7702 upgrade feature to carry out a new type of attack, resulting in a single loss of $150,000. This EIP-7702 is a key part of the Pectra upgrade, allowing externally owned accounts (EOA) to temporarily act as smart contract wallets during transactions. The attackers executed bulk token transfers through authorized MetaMask wallets. Moreover, the founder of Slow Fog Technology pointed out that this attack marks an upgrade in phishing strategies: attackers no longer directly hijack wallets but instead execute malicious bulk authorizations in the background using the 'execute' command. Security experts recommend that users regularly check their token authorization status and audit their wallets for malicious delegations using tools like Etherscan.