BorsaDEX+
Kripto AlPiyasalarSpotVadeli İşlemler500XBirikimEtkinlikler
Daha Fazla
0 Spot Fees
The post Crypto investor loses $1M in Uniswap scam exploiting Ethereum’s EIP-7702 appeared on BitcoinEthereumNews.com. A single phishing attack drained nearly $1 million worth of tokens from a crypto investor who unknowingly signed a batch of malicious transactions disguised as Uniswap swaps, according to blockchain security firm Scam Sniffer. In an Aug. 22 post on X, Yu Xiang, founder of blockchain security firm SlowMist, noted that the incident involved five tokens siphoned through a transaction exploiting Ethereum’s new EIP-7702 mechanism. He explained: “From the perspective of a phished user, it goes like this: the user opens a phishing website, a wallet signature prompt pops up, the user clicks confirm, and with just that one action, all valuable assets in the wallet address vanish in a snap.” EIP-7702 was introduced in the Pectra upgrade to streamline the Ethereum user experience. The feature allows a wallet to act like a temporary smart contract, making it possible to batch multiple transactions, enable gas sponsorship, or set spending limits in one step. In principle, the delegation is revocable and network-specific. However, attackers have found ways to weaponize the feature in practice. Crypto market maker Wintermute has warned that the standard’s implementation is being exploited at scale. Its June analysis showed that more than 90% of EIP-7702 delegations were linked to malicious contracts. The firm pointed out that many of these contracts are simple copy-paste scripts that scan for vulnerable wallets and drain their holdings automatically. Considering this, Scam Sniffer and Xiang urged crypto users to take extra care before signing wallet requests. They recommended verifying domain names, avoiding rushed confirmations, and rejecting signatures that seem unclear or overly broad. They also stated that some of the red flags that could arise include requests for unlimited token approvals, contract upgrades under EIP-7702, or transaction simulations that do not match expectations. Mentioned in this article Latest Alpha Market Report Source: https://cryptoslate.com/crypto-investor-loses-1m-in-uniswap-scam-exploiting-ethereums-eip-7702/The post Crypto investor loses $1M in Uniswap scam exploiting Ethereum’s EIP-7702 appeared on BitcoinEthereumNews.com. A single phishing attack drained nearly $1 million worth of tokens from a crypto investor who unknowingly signed a batch of malicious transactions disguised as Uniswap swaps, according to blockchain security firm Scam Sniffer. In an Aug. 22 post on X, Yu Xiang, founder of blockchain security firm SlowMist, noted that the incident involved five tokens siphoned through a transaction exploiting Ethereum’s new EIP-7702 mechanism. He explained: “From the perspective of a phished user, it goes like this: the user opens a phishing website, a wallet signature prompt pops up, the user clicks confirm, and with just that one action, all valuable assets in the wallet address vanish in a snap.” EIP-7702 was introduced in the Pectra upgrade to streamline the Ethereum user experience. The feature allows a wallet to act like a temporary smart contract, making it possible to batch multiple transactions, enable gas sponsorship, or set spending limits in one step. In principle, the delegation is revocable and network-specific. However, attackers have found ways to weaponize the feature in practice. Crypto market maker Wintermute has warned that the standard’s implementation is being exploited at scale. Its June analysis showed that more than 90% of EIP-7702 delegations were linked to malicious contracts. The firm pointed out that many of these contracts are simple copy-paste scripts that scan for vulnerable wallets and drain their holdings automatically. Considering this, Scam Sniffer and Xiang urged crypto users to take extra care before signing wallet requests. They recommended verifying domain names, avoiding rushed confirmations, and rejecting signatures that seem unclear or overly broad. They also stated that some of the red flags that could arise include requests for unlimited token approvals, contract upgrades under EIP-7702, or transaction simulations that do not match expectations. Mentioned in this article Latest Alpha Market Report Source: https://cryptoslate.com/crypto-investor-loses-1m-in-uniswap-scam-exploiting-ethereums-eip-7702/

Crypto investor loses $1M in Uniswap scam exploiting Ethereum’s EIP-7702

Yazar: BitcoinEthereumNewsKaynak: BitcoinEthereumNews
2025/08/23 02:48
Prompt
PROMPT$0.05047+1.00%
Moonveil
MORE$0.002552-0.73%
TokenFi
TOKEN$0.006387+171.32%
COM
COM$0.006773+5.86%
Wink
LIKE$0.003114-1.54%
Scamcoin
SCAM$0.00003914+0.02%

A single phishing attack drained nearly $1 million worth of tokens from a crypto investor who unknowingly signed a batch of malicious transactions disguised as Uniswap swaps, according to blockchain security firm Scam Sniffer.

In an Aug. 22 post on X, Yu Xiang, founder of blockchain security firm SlowMist, noted that the incident involved five tokens siphoned through a transaction exploiting Ethereum’s new EIP-7702 mechanism.

He explained:

EIP-7702 was introduced in the Pectra upgrade to streamline the Ethereum user experience. The feature allows a wallet to act like a temporary smart contract, making it possible to batch multiple transactions, enable gas sponsorship, or set spending limits in one step.

In principle, the delegation is revocable and network-specific. However, attackers have found ways to weaponize the feature in practice.

Crypto market maker Wintermute has warned that the standard’s implementation is being exploited at scale. Its June analysis showed that more than 90% of EIP-7702 delegations were linked to malicious contracts.

The firm pointed out that many of these contracts are simple copy-paste scripts that scan for vulnerable wallets and drain their holdings automatically.

Considering this, Scam Sniffer and Xiang urged crypto users to take extra care before signing wallet requests. They recommended verifying domain names, avoiding rushed confirmations, and rejecting signatures that seem unclear or overly broad.

They also stated that some of the red flags that could arise include requests for unlimited token approvals, contract upgrades under EIP-7702, or transaction simulations that do not match expectations.

Mentioned in this article
Latest Alpha Market Report

Source: https://cryptoslate.com/crypto-investor-loses-1m-in-uniswap-scam-exploiting-ethereums-eip-7702/

Piyasa Fırsatı
Prompt Logosu
Prompt Fiyatı(PROMPT)
$0.05047
$0.05047$0.05047
+0.25%
USD
Prompt (PROMPT) Canlı Fiyat Grafiği
Sorumluluk Reddi: Bu sitede yeniden yayınlanan makaleler, halka açık platformlardan alınmıştır ve yalnızca bilgilendirme amaçlıdır. MEXC'nin görüşlerini yansıtmayabilir. Tüm hakları telif sahiplerine aittir. Herhangi bir içeriğin üçüncü taraf haklarını ihlal ettiğini düşünüyorsanız, kaldırılması için lütfen [email protected] ile iletişime geçin. MEXC, içeriğin doğruluğu, eksiksizliği veya güncelliği konusunda hiçbir garanti vermez ve sağlanan bilgilere dayalı olarak alınan herhangi bir eylemden sorumlu değildir. İçerik, finansal, yasal veya diğer profesyonel tavsiye niteliğinde değildir ve MEXC tarafından bir tavsiye veya onay olarak değerlendirilmemelidir.

Ayrıca Şunları da Beğenebilirsiniz

Uniswap’s $591mln burn sparks a deflation loop – UNI at $7.2 ONLY IF…

Uniswap’s $591mln burn sparks a deflation loop – UNI at $7.2 ONLY IF…

The post Uniswap’s $591mln burn sparks a deflation loop – UNI at $7.2 ONLY IF… appeared on BitcoinEthereumNews.com. Deflationary measures have become increasingly
Paylaş
BitcoinEthereumNews2025/12/29 00:01
Tokyo’s Metaplanet Launches Miami Subsidiary to Amplify Bitcoin Income

Tokyo’s Metaplanet Launches Miami Subsidiary to Amplify Bitcoin Income

Metaplanet Inc., the Japanese public company known for its bitcoin treasury, is launching a Miami subsidiary to run a dedicated derivatives and income strategy aimed at turning holdings into steady, U.S.-based cash flow. Japanese Bitcoin Treasury Player Metaplanet Opens Miami Outpost The new entity, Metaplanet Income Corp., sits under Metaplanet Holdings, Inc. and is based […]
Paylaş
Coinstats2025/09/18 00:32
Russia’s Central Bank Prepares Crackdown on Crypto in New 2026–2028 Strategy

Russia’s Central Bank Prepares Crackdown on Crypto in New 2026–2028 Strategy

The Central Bank of Russia’s long-term strategy for 2026 to 2028 paints a picture of growing concern. The document, prepared […] The post Russia’s Central Bank Prepares Crackdown on Crypto in New 2026–2028 Strategy appeared first on Coindoo.
Paylaş
Coindoo2025/09/18 02:30