Security Alert: Beware of EIP-7702 Phishing Batch Transaction Trap

BlockBeats News, August 24th, SlowMist founder Cao Yun retweeted a security alert posted by ScamSniffer, indicating that today, once again, a user lost approximately $1.54 million due to signing an EIP-7702 phishing batch transaction, involving ETH, BTC, and multiple tokens staked on Ethereum. The principle behind EIP-7702 is to delegate user EOA address authorization to MetaMask: EIP-7702 Delegator, and to complete subsequent token transfer operations through its contract call. This phishing method has been industrialized by mainstream phishing groups. If one is inadvertently induced to make transactions, the entire account assets will be lost. Users are reminded to verify the authenticity of the website and links before confirming transactions to prevent fraud.

Earlier on August 22nd, according to ScamSniffer monitoring, a user signed a phishing batch EIP-7702 transaction disguised as a Uniswap swap trade and lost approximately $1 million in tokens and NFTs. The attacker disguised themselves as the Uniswap trading interface, induced the user to sign the transaction, and embedded malicious code or authorization in the transaction.