Urgent Security Warning on Phishing Incidents
Cao Yun, the founder of SlowMist, recently amplified an urgent security warning shared by ScamSniffer, highlighting a significant phishing incident that resulted in a user losing around $1.54 million. The loss stemmed from an EIP-7702 phishing batch transaction that affected various cryptocurrencies, including ETH and BTC, along with multiple Ethereum-based tokens.
Understanding EIP-7702 and Its Exploitation
The EIP-7702 protocol is designed to enable delegation of authorization from a user’s externally owned account (EOA) to MetaMask, allowing subsequent token transfers through contract calls. However, this feature is being exploited by sophisticated phishing operations, posing a grave risk to unsuspecting users. Once a victim is tricked into signing a transaction, they risk losing their entire account balance.
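The following is an added example for defenders, not code from ScamSniffer, SlowMist or MetaMask. It shows how to recognise an EIP-7702 delegation on an account and how to flag set-code authorizations that point at contracts outside a known list. It assumes the transaction object uses the JSON-RPC style fields `type` and `authorizationList`; the function names, the allowlist and all addresses are constructed for illustration.

```javascript
// Added example: hypothetical helper names, constructed addresses.
const DELEGATION_RE = /^ef0100[0-9a-f]{40}$/; // EIP-7702 designator: 0xef0100 || 20-byte address

// Return the delegate address if `codeHex` (an eth_getCode result) is a 7702 designator, else null.
function parseDelegation(codeHex) {
  const hex = String(codeHex).toLowerCase().replace(/^0x/, "");
  if (!DELEGATION_RE.test(hex)) return null;
  return "0x" + hex.slice(6);
}

// Review a transaction object for set-code authorizations the account owner did not expect.
// `trusted` is the caller's own allowlist of delegate contracts (an assumption of this example).
function reviewTransaction(tx, trusted) {
  const allow = new Set(trusted.map((a) => a.toLowerCase()));
  const findings = [];
  const auths = tx.authorizationList || [];
  if (Number(tx.type) !== 4 && auths.length > 0) findings.push("authorizationList on a non-0x04 transaction");
  for (const auth of auths) {
    const delegate = String(auth.address).toLowerCase();
    if (/^0x0{40}$/.test(delegate)) { findings.push("clears the existing delegation"); continue; }
    if (!allow.has(delegate)) findings.push(`delegates account code to unlisted contract ${delegate}`);
    if (Number(auth.chainId) === 0) findings.push(`authorization for ${delegate} is valid on every chain`);
  }
  return findings;
}

// Review an account's current code: is it delegated, and is the delegate on the allowlist?
function reviewAccount(codeHex, trusted) {
  const delegate = parseDelegation(codeHex);
  if (delegate === null) return { delegated: false, delegate: null, trusted: null };
  const ok = trusted.map((a) => a.toLowerCase()).includes(delegate);
  return { delegated: true, delegate, trusted: ok };
}

// Constructed sample data (not real addresses).
const TRUSTED = ["0x" + "11".repeat(20)];
const sampleTx = {
  type: "0x4", // 0x04 = EIP-7702 set-code transaction
  authorizationList: [
    { chainId: "0x0", address: "0x" + "ab".repeat(20), nonce: "0x0" },
    { chainId: "0x1", address: "0x" + "11".repeat(20), nonce: "0x1" },
  ],
};
const sampleCode = "0xef0100" + "ab".repeat(20);
console.log(reviewTransaction(sampleTx, TRUSTED));
console.log(reviewAccount(sampleCode, TRUSTED));
```

An account whose code parses as a delegation to an unlisted contract, or a pending request that carries such an authorization, is the condition to stop on before anything is signed.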
Precautionary Measures for Users
As a precaution, users are strongly advised to scrutinize website URLs and links meticulously before engaging in any transactions. This is crucial to safeguarding their assets against fraudulent schemes.
Recent Phishing Attack Incident
Just a few days earlier, on August 22, ScamSniffer reported another alarming incident where a user fell prey to a phishing attack disguised as a Uniswap swap. This incident led to a loss exceeding $1 million in tokens and NFTs, with attackers cleverly mimicking the Uniswap interface to deceive the target into signing a malicious transaction that contained hidden code or authorizations.
“Users must remain vigilant and cautious to protect their assets in the evolving landscape of cryptocurrency threats.”