On May 26, according to blockchain security platform Scam Sniffer, the phishing organization Inferno Drainer recently used the Ethereum EIP-7702 upgrade feature to implement a new type of attack, causing losses of approximately $150,000 per incident. EIP-7702 is a key function in the Pectra upgrade, allowing externally owned accounts (EOA) to temporarily have smart contract functionality during transactions. Attackers used authorized MetaMask wallets to initiate batch token transfer operations.
Slow Fog founder Yu Xun pointed out that this event marks an upgrade in phishing strategies: attackers no longer directly hijack wallets, but instead induce users to trigger MetaMask's "execute" command, quietly executing malicious batch authorizations in the background to complete asset transfers. (Beincrypto)
