Ethereum’s EIP-7702 Sparks Security Concerns After Multi-Million Losses
Ethereum’s most recent protocol change, EIP-7702, has become a flashpoint in the security debate after a series of sophisticated phishing attacks drained millions from unsuspecting users.
From Upgrade to Attack Vector
The feature, which arrived with May’s Pectra hard fork, was meant to make Ethereum wallets more flexible by letting ordinary addresses behave like temporary smart contracts. While that promised greater efficiency for users—such as bundling several actions into a single transaction—it has also opened the door to new forms of fraud.
Phishing Campaigns on the Rise
Anti-scam trackers report a surge in cases since the upgrade went live. One investor lost $1.54 million after unknowingly authorizing a string of malicious approvals that looked like routine transfers. Similar schemes earlier this summer wiped $1 million from another wallet and took $66,000 in June. The common thread: fake decentralized exchange interfaces tricking victims into signing away access to their assets.
Warnings That Went Unheeded
Security researchers, including teams at Wintermute, had flagged the danger weeks ago, noting that many contracts tied to EIP-7702 were set up to “sweep” funds the moment permissions were granted. Despite those alerts, adoption of the standard has continued, creating more potential entry points for attackers.
What Investors Should Watch
Analysts recommend extra caution when dealing with batch transactions and advise sticking to trusted platforms. Double-checking every permission remains essential, they stress, as the newest Ethereum upgrade has also given hackers one of their most effective weapons yet.
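One way to double-check what an address has been delegated to, shown here as an added example that is not part of the original article. It relies on the EIP-7702 specification, under which a delegated account's code is the 3-byte marker 0xef0100 followed by the 20-byte delegate contract address. The allowlist, function names and sample values are constructed for illustration.

```python
# Added example: classify the hex string returned by the eth_getCode JSON-RPC
# call for an address. Under EIP-7702 a delegated account holds a 23-byte
# "delegation designator": 0xef0100 followed by the delegate contract address.

DELEGATION_PREFIX = bytes.fromhex("ef0100")

# Constructed allowlist with a placeholder address, not a real contract.
TRUSTED_DELEGATES = {"0x" + "11" * 20}


def classify_account_code(code_hex):
    """Return (kind, delegate); kind is 'eoa', 'delegated' or 'contract'."""
    body = code_hex[2:] if code_hex.lower().startswith("0x") else code_hex
    raw = bytes.fromhex(body)
    if len(raw) == 0:
        return ("eoa", None)  # plain wallet, no delegation set
    if len(raw) == 23 and raw.startswith(DELEGATION_PREFIX):
        return ("delegated", "0x" + raw[3:].hex())
    return ("contract", None)  # ordinary deployed contract code


def review_account(code_hex, trusted=TRUSTED_DELEGATES):
    """Turn the classification into a message a wallet owner can act on."""
    kind, delegate = classify_account_code(code_hex)
    if kind == "eoa":
        return "ok: no delegation set"
    if kind == "delegated":
        if delegate in trusted:
            return f"ok: delegated to trusted contract {delegate}"
        return f"ALERT: delegated to unrecognised contract {delegate}"
    return "info: ordinary contract, not an EIP-7702 account"


if __name__ == "__main__":
    # Constructed sample eth_getCode results.
    samples = {
        "plain wallet": "0x",
        "trusted delegate": "0xef0100" + "11" * 20,
        "unknown delegate": "0xef0100" + "22" * 20,
    }
    for label, code in samples.items():
        print(label, "->", review_account(code))
```

An alert here means the address still executes another contract's code, so the delegation should be reviewed and replaced or cleared from a trusted wallet interface.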
