Inferno Drainer Exploits EIP-7702: $150K Ethereum Theft
The notorious phishing group Inferno Drainer has adapted its tactics, exploiting a new Ethereum feature to execute wallet-draining attacks. The group is leveraging Ethereum Improvement Proposal (EIP) 7702, introduced with the Pectra upgrade. This EIP allows Externally Owned Accounts (EOAs) to temporarily function as smart contract wallets during transactions, a capability Inferno Drainer is now abusing.
Sophisticated Phishing: A New Approach
On May 24th, Scam Sniffer, a web3 anti-scam platform, reported a significant incident: a wallet upgraded to EIP-7702 suffered a loss of nearly $150,000. According to Yu Xian, founder of blockchain security firm SlowMist, Inferno Drainer executed this theft using a refined phishing technique.
Unlike previous scams that directly hijacked wallets, Inferno Drainer utilized a delegated MetaMask wallet – one already authorized under EIP-7702. This allowed silent token transfers through a batch authorization process. The victim unknowingly triggered an "execute" command in MetaMask, processing malicious data in the background, resulting in a stealthy token drain.
“The phishing gang uses this mechanism to complete batch authorization operations on tokens related to the victim’s address,” Xian stated.

This incident highlights a concerning shift in scam tactics. Attackers aren't relying on outdated methods; they're actively integrating new Ethereum updates into their operations. This emphasizes the need for constant vigilance.
“As we predicted, the phishing gangs have caught up… Everyone should be vigilant; be careful that the assets in your wallet will be taken away,” Xian warned.
Protecting Yourself from EIP-7702 Exploits
Xian urges users to:
- Regularly review token authorizations.
- Check if their wallet addresses have been delegated to suspicious accounts via EIP-7702.
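One way to carry out the delegation check, as an added example (not code from Scam Sniffer, SlowMist or the original article): under EIP-7702 a delegated account's code is the 23-byte designator `0xef0100` followed by the delegate contract's address, so reading the account's code shows whether it is delegated and to whom. The allowlist of verified delegates, the sample values and `rpc_url` are assumptions.

```python
import json
import urllib.request

# EIP-7702 sets a delegated EOA's code to 0xef0100 followed by the
# 20-byte address of the contract it delegates to (23 bytes total).
DELEGATION_PREFIX = bytes.fromhex("ef0100")

def fetch_code(rpc_url, address):
    """Read an account's code with the standard eth_getCode JSON-RPC call."""
    body = json.dumps({"jsonrpc": "2.0", "id": 1, "method": "eth_getCode",
                       "params": [address, "latest"]}).encode()
    req = urllib.request.Request(rpc_url, data=body,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["result"]

def classify(code_hex, trusted_delegates):
    """Return (status, delegate) for the eth_getCode result of a wallet address."""
    raw = code_hex[2:] if code_hex[:2].lower() == "0x" else code_hex
    code = bytes.fromhex(raw)  # raises ValueError on malformed input
    if not code:
        return ("plain-eoa", None)          # no delegation set
    if len(code) != 23 or not code.startswith(DELEGATION_PREFIX):
        return ("contract", None)           # ordinary contract code
    delegate = "0x" + code[3:].hex()
    trusted = {a.lower() for a in trusted_delegates}
    status = "delegated-trusted" if delegate in trusted else "delegated-UNKNOWN"
    return (status, delegate)

if __name__ == "__main__":
    # Constructed sample values, not real addresses or on-chain data.
    known_good = "0x" + "11" * 20      # stand-in for a delegate you have verified
    samples = {
        "never delegated": "0x",
        "delegated to verified contract": "0xef0100" + "11" * 20,
        "delegated to unrecognised contract": "0xEF0100" + "ab" * 20,
    }
    for label, code in samples.items():
        print(label, "->", classify(code, {known_good}))
    # Live use (rpc_url is whatever node endpoint you trust):
    # print(classify(fetch_code(rpc_url, my_address), {known_good}))
```

A `delegated-UNKNOWN` result means the address points at a contract you have not verified; treat it as a prompt to inspect that contract and revoke the delegation if you did not set it.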
This attack is part of a broader trend. Last month, phishing attacks stole over $5 million from 7,565 individuals. Crypto users must remain proactive. Scam Sniffer advises verifying websites before login and routinely auditing token permissions. Avoid clicking unverified links.