Inferno Drainer exploits a new attack vector using Ethereum EIP-7702, resulting in a $150,000 loss in a single transaction

Blockbeats

26 May

BlockBeats News, May 26th, According to the blockchain security platform Scam Sniffer, phishing group Inferno Drainer recently used the Ethereum EIP-7702 upgrade feature to carry out a new type of attack, causing a single transaction to result in approximately $150,000 in losses. EIP-7702 is a key feature of the Pectra upgrade, allowing an externally owned account (EOA) to temporarily possess smart contract capabilities during a transaction. The attacker, leveraging an authorized MetaMask wallet, initiated batch token transfer operations.

SlowMist founder Cao Yin pointed out that this event marks an evolution in phishing strategies: attackers no longer directly hijack wallets but instead lure users to trigger MetaMask's "execute" command, silently executing malicious batch approvals in the background to complete asset transfers. (Beincrypto)

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2538712350"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2538712350\",edition:\"fundamental\",,,undefined,":{"share":"https://ttm.financial/m/news/2538712350?lang=en_US&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2025-05-26 10:59","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2538712350","market":"us","top_or_hot":-1,"title":"Inferno Drainer exploits a new attack vector using Ethereum EIP-7702, resulting in a $150,000 loss in a single transaction","media":"Blockbeats","content":"<html><body><div><p>BlockBeats News, May 26th, According to the blockchain security platform Scam Sniffer, phishing group Inferno Drainer recently used the Ethereum EIP-7702 upgrade feature to carry out a new type of attack, causing a single transaction to result in approximately $150,000 in losses. EIP-7702 is a key feature of the Pectra upgrade, allowing an externally owned account (EOA) to temporarily possess smart contract capabilities during a transaction. The attacker, leveraging an authorized MetaMask wallet, initiated batch token transfer operations.</p><p>SlowMist founder Cao Yin pointed out that this event marks an evolution in phishing strategies: attackers no longer directly hijack wallets but instead lure users to trigger MetaMask's \"execute\" command, silently executing malicious batch approvals in the background to complete asset transfers. (Beincrypto)</p></div></body></html>","source":"theblockbeats_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Inferno Drainer exploits a new attack vector using Ethereum EIP-7702, resulting in a $150,000 loss in a single transaction</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nInferno Drainer exploits a new attack vector using Ethereum EIP-7702, resulting in a $150,000 loss in a single transaction\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-05-26 10:59 GMT+8&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//en/flash/295458><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats News, May 26th, According to the blockchain security platform Scam Sniffer, phishing group Inferno Drainer recently used the Ethereum EIP-7702 upgrade feature to carry out a new type of ...</p>\n\n<a href=\"https://www.theblockbeats.info//en/flash/295458\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"03046","symbol_name":"华夏以太币","start_time":0,"source_url":"https://www.theblockbeats.info//en/flash/295458","article_id":"2538712350","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2538712350","pubTimestamp":1748228340,"columns":[],"sourceInfo":{"source_id":"theblockbeats_live","name":"Blockbeats快讯"},"weMediaInfo":null,"summary":"BlockBeats News, May 26th, According to the blockchain security platform Scam Sniffer, phishing group Inferno Drainer recently used the Ethereum EIP-7702 upgrade feature to carry out a new type of att","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"en","relate_stocks":{"03046":"华夏以太币","09009":"博时以太币-U","09046":"华夏以太币-U","CETH":"以太坊ETF-21Shares","03009":"博时以太币","09179":"嘉实以太币-U","QETH":"以太坊ETF-Invesco Galaxy","ETHV":"以太坊ETF-VanEck","EIP":"Eaton Vance Pennsylvania Munic","EZET":"以太坊ETF-Franklin","03179":"嘉实以太币","FETH":"以太币ETF-Fidelity"},"translate_title":"Inferno Drainer利用以太币EIP-7702的新攻击媒介，导致单笔交易损失15万美元","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"03009":1,"03046":1,"03179":1,"09009":1,"09046":1,"09179":1,"CETH":1,"EIP":1,"ETHV":1,"EZET":1,"FETH":1,"QETH":1},"content_text":"BlockBeats News, May 26th, According to the blockchain security platform Scam Sniffer, phishing group Inferno Drainer recently used the Ethereum EIP-7702 upgrade feature to carry out a new type of attack, causing a single transaction to result in approximately $150,000 in losses. EIP-7702 is a key feature of the Pectra upgrade, allowing an externally owned account (EOA) to temporarily possess smart contract capabilities during a transaction. The attacker, leveraging an authorized MetaMask wallet, initiated batch token transfer operations.SlowMist founder Cao Yin pointed out that this event marks an evolution in phishing strategies: attackers no longer directly hijack wallets but instead lure users to trigger MetaMask's \"execute\" command, silently executing malicious batch approvals in the background to complete asset transfers. (Beincrypto)","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"code":"91000000","status":"200"}}}