Ethereum recently got a major boost with the Pectra upgrade, following the success of ‘The Merge’. One key feature, EIP-7702, promised to make wallets easier to use. But it is now facing backlash as it is being attacked by malicious actors.
EIP-7702, proposed by Vitalik Buterin, was designed to improve Ethereum wallets by allowing them to act like smart contracts briefly. This meant easier transactions, gas fee sponsorships, and better features like spending limits and passkey authorization. But in reality, it has opened the door for scams.
Malicious Script “CrimeEnjoyor” Exposed
Wintermute, a blockchain security firm, found that over 80% of wallet delegations are linked to one malicious script called “CrimeEnjoyor.” It hijacks wallets and instantly drains their funds to attacker-controlled addresses, all while pretending to offer a better user experience.
“Our Research team found that over 97% of all EIP-7702 delegations were authorized to multiple contracts using the same exact code. These are sweepers, used to automatically drain incoming ETH from compromised addresses,” Wintermute, shared in a recent X post.
“The CrimeEnjoyor contract is short, simple, and widely reused. This one copy-pasted bytecode now accounts for the majority of all EIP-7702 delegations. It’s funny, bleak, and fascinating at the same time.”
Scam Sniffer reported that one wallet lost nearly $150K in a phishing scam tied to Inferno Drainer. As Ethereum adds new features, scams like this are rising, which often catch users off guard.
The Real Weakness: Private Key Safety
Experts note that the EIP-7702 isn’t the real problem, but weak key security is. Stolen or leaked private keys remain the biggest risk. Researchers warn that while 7702 makes transactions smoother, it also makes wallet-draining attacks cheaper and faster.
Firms like SlowMist have urged the wallet providers to improve security features and make contact details more visible. Their message is that convenience should not compromise protection.
Bad Actors Didn’t Profit Much
Despite the massive wallet-draining attempts, attackers have not made a lot of profit. They spent about 2.88 ETH to target nearly 79,000 wallets. One address alone handled over 52,000 of these authorizations.
The stolen ETH is traceable, but so far, the main wallets tied to these scams have not received any funds, which means that the attacks may not be paying off yet.
Earn more PRC tokens by sharing this post. Copy and paste the URL below and share to friends, when they click and visit Parrot Coin website you earn: https://parrotcoin.net0
PRC Comment Policy
Your comments MUST BE constructive with vivid and clear suggestion relating to the post.
Your comments MUST NOT be less than 5 words.
Do NOT in any way copy/duplicate or transmit another members comment and paste to earn. Members who indulge themselves copying and duplicating comments, their earnings would be wiped out totally as a warning and Account deactivated if the user continue the act.
Parrot Coin does not pay for exclamatory comments Such as hahaha, nice one, wow, congrats, lmao, lol, etc are strictly forbidden and disallowed. Kindly adhere to this rule.
Constructive REPLY to comments is allowed