In a recent report by COINOTAG News, Scam Sniffer, a blockchain security platform, unveiled alarming developments regarding phishing tactics employed by the group known as Inferno Drainer. On May 26th, it was reported that this group exploited the Ethereum EIP-7702 upgrade, resulting in a significant financial impact, with losses nearing $150,000 from a single transaction. The EIP-7702 feature, part of the Pectra upgrade, permits an externally owned account (EOA) to acquire temporary smart contract functionalities during transactions, paving the way for potential misuse.
According to excerpts from industry expert and SlowMist founder Cao Yin, this incident represents a notable shift in phishing methodologies. Rather than hijacking wallets outright, attackers are deceiving users into invoking MetaMask’s “execute” command, thereby executing covert malicious approvals that facilitate asset transfers without the user’s explicit awareness. This marks a concerning evolution in the complexity of online security threats within the cryptocurrency landscape.
Source: https://en.coinotag.com/breakingnews/new-ethereum-eip-7702-upgrade-exploited-by-inferno-drainer-phishing-group-resulting-in-150000-losses/
