Wintermute's research revealed that nearly half of Ethereum Improvement Proposal 7702 (EIP-7702) user authorizations involve criminal activities such as phishing and fund theft. According to reports, users have activated the feature 1,580,930 times since May 7 this year, of which the Wintermute team flagged 768,275 times (48%) as criminal-related. This contrasts with Vitalik Buterin's previous claims that the temporary smart contract feature will provide users with "superpowers" and "guardrails"...
Wintermute 研究显示,近一半的以太坊改进提案 7702(EIP-7702)使用者授权涉及网络钓鱼和资金盗取等犯罪活动。 据报道称,自今年 5 月 7 日以来,用户已激活该功能 1,580,930 次,其中 Wintermute 团队将 768,275 次(占 48%)标记为犯罪相关。这与 Vitalik Buterin 此前声称该临时智能合约功能将为用户提供“超能力”和“护栏”的说法形成鲜明对比。 EIP-7702 可在交易期间...
SlowMist founder Cosine said in a post that another player's WLFI tokens from multiple addresses were stolen. Analysis found that this was an attack carried out through the 7702 delegate malicious contract, provided that the private key was leaked. The hacker ambushed the malicious 7702 delegate address on the target wallet address in advance, and then transferred all ETH and valuable tokens (such as WLFI) without leaving any balance.
慢雾创始人余弦发文表示,又遇到一位玩家多个地址的 WLFI 代币被盗。分析发现这是通过 7702 delegate 恶意合约实施的攻击,前提是私钥泄露。黑客提前在目标钱包地址上埋伏恶意的 7702 delegate 地址,随后将所有 ETH 及有价值代币(如 WLFI)转走,不留任何余额。
Slow Mist Cosine disclosed on the X platform that an investor had stolen all the WLFI participating in the private placement due to the leakage of the private key. He said that this was a classic EIP-7702 phishing exploit. First, the private key was leaked, and the phishing gang (possibly more than one) ambushed the wallet address corresponding to the victim's private key. The EIP-7702 exploit mechanism, as long as this mechanism tries to transfer the remaining tokens, such as these WLFI tokens ...
慢雾余弦在X平台披露某投资者因私钥泄露被盗走全部参与私募的WLFI,他表示这是一起经典的 EIP-7702 钓鱼利用。首先私钥泄露,钓鱼团伙(可能不止一个)给受害者私钥对应的钱包地址埋伏好了 EIP-7702 利用机制,这个机制只要试图想转走其中剩余 Token,比如这些被扔进 Lockbox 合约的 WLFI 代币,打入了的 Gas 都会被“自动”转走。抢跑思路是可行的:打入 Gas、把埋伏的 EIP...
According to Scam Sniffer, a crypto anti-fraud monitoring provider, an investor lost about $1.54 million for signing EIP-7702 phishing bulk transactions. Scam Sniffer said it has found multiple similar cases of victims targeting EIP-7702 upgrade addresses, and cautioned against bulk transfer phishing attacks targeting EIP-7702 upgrade addresses.
据加密反欺诈监测提供商Scam Sniffer监测,某投资者因为签署EIP-7702钓鱼批量交易,导致损失约154万美元。Scam Sniffer表示已发现多起针对EIP-7702升级地址的同类受害案例,并且提醒警惕针对EIP-7702升级地址的批量转账钓鱼攻击。
According to the official news, GoPlus Security has issued a security alert. Recently, there have been new phishing attacks against EIP-7702 smart accounts on the Ethereum mainnet, BNB Chain and Base chain. Thousands of addresses have been victimized in just three days, losing more than $10,000 in crypto assets. The attacker uses an address to authorize phishing. Once the user authorizes, the address can automatically transfer the BNB or other tokens that the user then transfers. The GoPlus secu...
据官方消息,GoPlus Security发布安全警报,近日,以太坊主网、BNB Chain和Base链上再次出现新的针对EIP-7702智能账户的钓鱼攻击,仅上线3天已有数千个地址受害,损失超过1万美元加密资产。攻击者使用一个地址进行授权钓鱼,一旦用户授权,该地址便可自动转走用户随后转入的BNB或其他代币。 GoPlus安全团队提醒用户:切勿向陌生地址转账或授权。目前的770...