New blockchain features tend to bring new attack surface along with new utility. A concerning trend has emerged in which phishing campaigns abuse the recently introduced EIP-7702 batched transactions, causing substantial cryptocurrency losses for unsuspecting holders. The attack turns the convenience EIP-7702 was designed to provide, several actions approved with one signature, into a tool for draining a wallet in a single block.
The Treachery of Batch Transactions
EIP-7702, part of the recent Pectra upgrade, lets an externally owned account (EOA) delegate to smart-contract code, so a wallet can bundle multiple calls into a single atomic transaction. That is a real convenience for legitimate applications, but it also means one signature can authorise an arbitrary list of calls, each executed from the user's own account. The scams typically use a bogus decentralized finance (DeFi) front end built to mimic a popular platform such as Uniswap. Victims are lured to the fake site and prompted to sign what looks like an ordinary swap. What they actually sign is a batch: the visible swap-related call is padded with additional hidden calls that approve or transfer the victim's tokens, and because every call runs with the victim's own authority, the attacker can empty the wallet in seconds. The practical defence is to insist on seeing every call in a batch before signing, and to treat a wallet or site that shows only a summary as a red flag.
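To make the mechanism concrete, here is an added example (not code from the original article or from Scam Sniffer) of the review a wallet or browser extension could run before asking the user to sign a batch. It decodes each call's ERC-20/ERC-721 selector, flags approvals to spenders outside an allowlist and any outright token transfer, and also shows how to recognise an EIP-7702-delegated account from its code, which is the designator `0xef0100` followed by the delegate address. The batch shape (`{from, calls:[{to, data}]}`, modelled on an EIP-5792 `wallet_sendCalls` request), the allowlist and all addresses are constructed placeholders for this example.

```javascript
// Added example (not part of the original article): a wallet-side review of a
// batched call list of the kind an EIP-7702 delegated account executes.
// All addresses and the sample batch are constructed placeholders.

// Well-known ERC-20 / ERC-721 function selectors (first 4 bytes of keccak256(signature)).
const SELECTORS = {
  "095ea7b3": "approve",           // approve(address,uint256)
  "a22cb465": "setApprovalForAll", // setApprovalForAll(address,bool)
  "a9059cbb": "transfer",          // transfer(address,uint256)
  "23b872dd": "transferFrom",      // transferFrom(address,address,uint256)
};
const UNLIMITED = (1n << 256n) - 1n; // uint256 max, the classic "infinite approval"

const strip0x = (h) => h.toLowerCase().replace(/^0x/, "");
// i-th 32-byte ABI word of the argument area, as a BigInt / as a 20-byte address.
const word = (args, i) => BigInt("0x" + args.slice(i * 64, i * 64 + 64));
const addr = (args, i) => "0x" + args.slice(i * 64 + 24, i * 64 + 64);

// EIP-7702: a delegated EOA's account code is the designator 0xef0100 followed by
// the 20-byte address of the delegate contract. Returns that address, or null.
function parseDelegation(code) {
  const c = strip0x(code);
  return c.length === 46 && c.startsWith("ef0100") ? "0x" + c.slice(6) : null;
}

// Inspect one call {to, data} of the batch. Returns a finding string, or null.
function inspectCall(call, signer, allowedSpenders) {
  const data = strip0x(call.data || "");
  if (data.length < 8) return null;
  const args = data.slice(8);
  switch (SELECTORS[data.slice(0, 8)]) {
    case "approve": {
      const spender = addr(args, 0);
      if (allowedSpenders.has(spender)) return null;
      const amt = word(args, 1) === UNLIMITED ? "unlimited" : word(args, 1).toString();
      return `approve(${amt}) on ${call.to} to unknown spender ${spender}`;
    }
    case "setApprovalForAll": {
      const operator = addr(args, 0);
      if (word(args, 1) === 0n || allowedSpenders.has(operator)) return null;
      return `setApprovalForAll on ${call.to} to unknown operator ${operator}`;
    }
    case "transfer":
      // A delegated EOA calling token.transfer moves its own balance outright:
      // no approval is needed, so every such call in a "swap" batch is suspect.
      return `transfer of ${word(args, 1)} from ${call.to} to ${addr(args, 0)}`;
    case "transferFrom":
      return addr(args, 0) === signer.toLowerCase()
        ? `transferFrom of ${word(args, 2)} of the signer's ${call.to} to ${addr(args, 1)}`
        : null;
    default:
      return null;
  }
}

// Review every call in a batch shaped like an EIP-5792 wallet_sendCalls request
// (assumed shape for this example): {from, calls: [{to, data}, ...]}.
function reviewBatch(batch, allowedSpenders) {
  const findings = [];
  batch.calls.forEach((c, i) => {
    const f = inspectCall(c, batch.from, allowedSpenders);
    if (f) findings.push(`call[${i}]: ${f}`);
  });
  return findings;
}

// ---- constructed sample: a "swap" batch hiding two outright token transfers ----
const pad = (hex) => strip0x(hex).padStart(64, "0");
const VICTIM   = "0x1111111111111111111111111111111111111111";
const ROUTER   = "0x2222222222222222222222222222222222222222"; // assumed legitimate DEX router
const ATTACKER = "0x3333333333333333333333333333333333333333";
const TOKEN_A  = "0x4444444444444444444444444444444444444444"; // stands in for an 18-decimal token
const TOKEN_B  = "0x5555555555555555555555555555555555555555"; // stands in for an 8-decimal token

const SAMPLE_BATCH = {
  from: VICTIM,
  calls: [
    // what the user expects: approve the router to spend 1.0 TOKEN_A for the swap
    { to: TOKEN_A, data: "0x095ea7b3" + pad(ROUTER) + pad((10n ** 18n).toString(16)) },
    // hidden: send 500 TOKEN_A straight to the attacker
    { to: TOKEN_A, data: "0xa9059cbb" + pad(ATTACKER) + pad((500n * 10n ** 18n).toString(16)) },
    // hidden: send 1.0 TOKEN_B to the attacker as well
    { to: TOKEN_B, data: "0xa9059cbb" + pad(ATTACKER) + pad((10n ** 8n).toString(16)) },
  ],
};
const ALLOWED_SPENDERS = new Set([ROUTER]);

function reviewSample() {
  return reviewBatch(SAMPLE_BATCH, ALLOWED_SPENDERS);
}

// Stand-alone run: the two hidden transfers are reported, the router approval is not.
if (typeof require !== "undefined" && require.main === module) {
  console.log(reviewSample());
  console.log(parseDelegation("0xef0100" + strip0x(ATTACKER)));
}
```

The allowlist is the weak point of any such check: a spender the wallet has never seen is not necessarily malicious, but in a batch presented as a simple swap, an approval or transfer that the user did not ask for has no legitimate reason to be there, and a wallet should surface it call by call rather than collapsing the batch into one confirmation.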
Significant Losses and the Call for Vigilance
The impact of these EIP-7702 phishing attacks is already evident. Recent reports by the anti-fraud service Scam Sniffer describe multiple incidents, including one investor who lost $1.54 million in tokens such as Lido's wrapped staked ETH (wstETH) and Coinbase Wrapped BTC (cbBTC), and another who lost $1 million in non-fungible tokens (NFTs) and other assets, in each case after signing a phishing batch transaction disguised as a routine swap. Because EIP-7702 is so new, many users do not know that a single signature can now authorise many actions at once, which makes them particularly easy targets. Scam Sniffer reports that the campaigns specifically target addresses that have already been upgraded with an EIP-7702 delegation. Holders who have upgraded their accounts should check which contract their address delegates to and whether they still recognise it, review and revoke token approvals they did not intend to grant, and prefer wallets that display every call in a batch before asking for a signature. As always, extreme caution is warranted when interacting with DeFi front ends reached through links, ads or direct messages rather than a known-good bookmark.