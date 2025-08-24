According to blockchain security platform Scam Sniffer, the attacker drained wrapped ETH (wstETH), wrapped Bitcoin (cbBTC), and several other tokens after tricking the victim into approving malicious batch transactions tied to EIP-7702.

How the scam worked

Batch transactions, a feature introduced in Ethereum’s recent Pectra upgrade, allow users to execute multiple operations in one go. While designed to improve efficiency, the tool has already become a dangerous weapon for scammers.

Fraudsters create fake DeFi platforms that mirror trusted apps like Uniswap. Once a victim unknowingly approves a transaction, the attacker can bundle in hidden transfers, enabling them to empty wallets in seconds.

Scam Sniffer explained that the novelty of EIP-7702 leaves many unaware of the risks, making these kinds of scams particularly effective.

Not an isolated case

The $1.54 million theft is just one in a string of similar attacks. Earlier this week, another victim lost nearly $1 million in NFTs and tokens through the same trick. Multiple cases have already been reported since the upgrade, with attackers specifically targeting addresses upgraded to EIP-7702.

Security researchers warn that the pattern is spreading quickly and urge Ethereum users to carefully verify every transaction request, especially on unfamiliar DeFi interfaces.

