Ethereum Pectra Upgrade Exposes 97% of EIP-7702 Wallets to Auto-Drain Risk

Ethereum Users Face “Sweeper” Contract Threat Following Pectra EIP-7702 Rollout
Written By: Kelvin Munene

Following the launch of the Pectra upgrade to Ethereum last month, researchers found a serious security problem in the new EIP-7702 feature. With EIP-7702, externally owned accounts (EOAs) are allowed to function as smart contracts for a limited period. The upgrade's goal was to improve transaction efficiency, allow batching of transactions, and give users more flexibility.

Nevertheless, attackers have used this feature to steal ETH by copying and deploying code that siphons ETH from compromised wallets. These “CrimeEnjoyor” contracts automatically sweep assets from wallets with leaked private keys, as confirmed by Wintermute’s team in a recent X post.

Malicious Contracts and Auto-Drain Attacks Plague Ethereum Wallets

According to Wintermute, a crypto market maker and security firm, 97% of the wallet delegations made possible by EIP-7702 are now linked to “sweeper” contracts that may threaten users’ funds. The company’s team revealed that attackers have spent at least 2.88 ETH authorizing these sweepers. 

This demonstrates both the scale and determination behind the scheme. One user lost $146,550 after signing a batch of malicious EIP-7702 transactions, highlighting the real-world risks present.

To address the threat, Wintermute reverse-engineered the malicious bytecode and injected on-chain warnings into the contracts. Security experts have been urging users to verify all smart contract activity and avoid unverified delegations whenever possible.
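
One way to check accounts for unverified delegations, as an added example that is not part of the original article: under the EIP-7702 specification, a delegated account's code is the 3-byte indicator `0xef0100` followed by the 20-byte delegate address, so the result of an `eth_getCode` call shows where an account points. The addresses, the reviewed set and the function names below are constructed for illustration.

```python
"""Flag EIP-7702 delegations that point at contracts nobody has reviewed."""

# EIP-7702 stores a delegation as code = 0xef0100 || 20-byte delegate address.
DELEGATION_PREFIX = bytes.fromhex("ef0100")
DELEGATION_LENGTH = len(DELEGATION_PREFIX) + 20


def classify_account_code(code_hex):
    """Classify the hex string an eth_getCode call returns for one account.

    Returns (kind, delegate): kind is "eoa", "delegated" or "contract";
    delegate is the lower-case 0x address for "delegated", otherwise None.
    """
    text = code_hex.strip()
    if text[:2].lower() == "0x":
        text = text[2:]
    raw = bytes.fromhex(text)  # raises ValueError on malformed input
    if not raw:
        return ("eoa", None)
    if len(raw) == DELEGATION_LENGTH and raw.startswith(DELEGATION_PREFIX):
        return ("delegated", "0x" + raw[len(DELEGATION_PREFIX):].hex())
    return ("contract", None)


def unreviewed_delegations(codes_by_account, reviewed_delegates):
    """Return {account: delegate} for delegations outside the reviewed set."""
    reviewed = {addr.lower() for addr in reviewed_delegates}
    findings = {}
    for account, code_hex in codes_by_account.items():
        kind, delegate = classify_account_code(code_hex)
        if kind == "delegated" and delegate not in reviewed:
            findings[account] = delegate
    return findings


# Constructed sample data (hypothetical addresses, not taken from the article).
REVIEWED = {"0x" + "11" * 20}
SAMPLE_CODES = {
    "0x" + "aa" * 20: "0x",                       # plain EOA, no code
    "0x" + "bb" * 20: "0xef0100" + "11" * 20,     # delegated, reviewed target
    "0x" + "cc" * 20: "0xEF0100" + "22" * 20,     # delegated, unknown target
    "0x" + "dd" * 20: "0x6080604052",             # ordinary contract bytecode
}

if __name__ == "__main__":
    for account, delegate in unreviewed_delegations(SAMPLE_CODES, REVIEWED).items():
        print(f"ALERT {account} delegates to unreviewed contract {delegate}")
```
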

Ethereum’s Ongoing Development and the Need for Security Tools

Even though EIP-725 and EIP-7691 made Pectra more efficient during upgrades, they have also raised the risk of security issues for users. According to reports, Vitalik Buterin suggested a system for Ethereum network nodes that aims to simplify the requirements for everyday Ethereum clients and help more users join the network validation process.

Experts opine that quick advances in Ethereum technology are bringing along both opportunities and challenges. As hackers take advantage of different vulnerabilities, the need for strong verification and transparency tools grows. Security specialists and developers are currently developing ways to inform, monitor, and verify user assets on the Ethereum platform.
