
New Ethereum feature exploited just weeks after launch in $146K phishing heist

An Ethereum wallet upgraded to an EIP-7702 smart account has lost $146,551 in various memecoins to phishing scammers. Blockchain security firm Scam Sniffer reported the incident, noting that the funds were stolen through malicious batched transactions.

According to the firm, the victim, 0xc6d289d, signed the malicious batched transactions, allowing the attackers to siphon the funds. The scammers used the addresses 0xC83De81A and 0x33dAD2b to execute the attack.

Following the incident, cybersecurity expert Yu Xian noted that the phishing exploit was very creative and identified the well-known phishing group Inferno Drainer as being behind it. The group had publicly claimed to have shut down, but a recent report by Check Point Research shows that its malware remains in active use and has been used to steal over $9 million in crypto assets in the last six months.

Xian, the founder of blockchain security firm SlowMist, noted that the scammers did not switch the externally owned account (EOA) address to a phishing delegate. Instead, they used a mechanism in the MetaMask EIP-7702 delegator to carry out batch-authorization phishing and steal tokens.

He said:

“What I mean by a bit creative is that this time, the user’s EOA address was not switched to the 7702 contract address through phishing. In other words, the delegated address is not a phishing address, but the MetaMask that existed a few days ago: EIP-7702 Delegator 0x63c0c19a2.”

This makes the incident more complex than previous attempts to exploit the EIP-7702 feature. Through this mechanism, the attackers could select which tokens to steal from the victim’s address. Xian added that this shows how phishing gangs keep finding new and creative ways to steal users’ funds, so crypto users must remain careful not to lose their assets.

As to how the attackers were able to compromise the user’s wallet, he explained that the victim likely visited a phishing website and approved the operation without paying attention to what was being signed.

Phishing scammers exploiting EIP-7702

The incident raises further questions about the security of the EIP-7702 account abstraction feature, which was introduced with the Pectra upgrade a few weeks ago. Since its introduction, many people have adopted it, with Dune Analytics data from Wintermute Research showing over 48,000 delegations.

The feature allows Ethereum users to temporarily enable smart contract wallet capabilities for their externally owned accounts (EOAs) by delegating control to an address whose code they want their account to execute.

Generally, EOAs are basic Ethereum accounts without functionality such as gas sponsorship, alternative authentication, and transaction batching. With these features, users get an improved experience from the same basic account.

However, what was meant to improve user experience now exposes users to new risks. A sizable share of the authorized 7702 delegators are malicious contracts that steal users’ funds, with Dune Analytics data flagging 36.3% of the 175 delegate contracts as malicious.

According to GoPlus Security, funds sent to any affected EOA are automatically redirected to the scammer’s address. This allows phishing attackers to steal funds destined for infected addresses.

Users urged to protect themselves from phishing scams

Meanwhile, the emergence of new threat vectors has led experts to call on crypto users to be more vigilant. Xian noted that users need to check for any abnormal token authorizations and ensure their account has not been delegated to a phishing address.

He advised that they can check this by viewing their authorization records in a block explorer, and cancel such an authorization by switching to a wallet that supports EIP-7702.
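The delegation mechanism described earlier (an EOA's code pointing at a delegator contract) and the advice just given (check what your account is delegated to) can both be illustrated with a small wallet-side check. The following is an added example, not code from the article, MetaMask, GoPlus or SlowMist. It assumes only the EIP-7702 rule that a delegated EOA's account code is exactly `0xef0100` followed by the 20-byte delegate address, and uses constructed placeholder addresses and `eth_getCode`-style responses rather than real on-chain data:

```javascript
// Added example; not code from the article, MetaMask, GoPlus or SlowMist.
// Per EIP-7702, a delegated EOA's account code is exactly 0xef0100 || <20-byte address>
// (23 bytes), which is what a block explorer or eth_getCode shows as the account's code.
const DELEGATION_PREFIX = "ef0100";
const DELEGATION_CODE_LEN = 46; // 23 bytes expressed as hex characters

// Normalise a hex string as returned by eth_getCode: strip 0x, validate, lower-case.
function normaliseHex(hex) {
  if (typeof hex !== "string") throw new TypeError("code must be a hex string");
  const body = /^0x/i.test(hex) ? hex.slice(2) : hex;
  if (!/^[0-9a-f]*$/i.test(body)) throw new Error("invalid hex in account code");
  return body.toLowerCase();
}

// Returns the delegate address (0x-prefixed, lower-case) if the account is
// 7702-delegated, null if the account has no code (an ordinary EOA), and throws
// if it holds ordinary contract bytecode, which an EOA should never carry.
function parseDelegation(codeHex) {
  const code = normaliseHex(codeHex);
  if (code.length === 0) return null;
  if (code.length === DELEGATION_CODE_LEN && code.startsWith(DELEGATION_PREFIX)) {
    return "0x" + code.slice(DELEGATION_PREFIX.length);
  }
  throw new Error("account holds contract code, not a 7702 delegation designator");
}

// Classify the delegation against an allowlist of delegator contracts the user
// has deliberately chosen to trust. Anything not on the list is reported as
// "unknown" so the user can decide whether to revoke it.
function classifyDelegation(codeHex, trustedDelegators) {
  const delegate = parseDelegation(codeHex);
  if (delegate === null) return { status: "none", delegate: null };
  const trusted = new Set(trustedDelegators.map((a) => a.toLowerCase()));
  return { status: trusted.has(delegate) ? "trusted" : "unknown", delegate };
}

// Constructed sample data: placeholder addresses, not real delegator contracts.
const SAMPLE_TRUSTED_DELEGATOR = "0x1111111111111111111111111111111111111111";
const SAMPLE_CODES = {
  plainEoa: "0x",
  delegatedTrusted: "0xef0100" + SAMPLE_TRUSTED_DELEGATOR.slice(2),
  delegatedUnknown: "0xef0100" + "2222222222222222222222222222222222222222",
};

for (const [label, code] of Object.entries(SAMPLE_CODES)) {
  const result = classifyDelegation(code, [SAMPLE_TRUSTED_DELEGATOR]);
  console.log(`${label}: ${result.status}${result.delegate ? " -> " + result.delegate : ""}`);
}
```

In a real wallet the `codeHex` input would come from an `eth_getCode` call against the user's own address (assumed here; no RPC provider is included). An "unknown" result is the signal to act on: under EIP-7702, signing an authorization for the zero address clears the account's code, which is the revocation path a 7702-capable wallet exposes.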

MetaMask warning to users (Source: GoPlus Security)

The leading Ethereum wallet, MetaMask, has also cautioned users against clicking any external link or email that asks them to upgrade their wallet to a smart contract account. A popup in the wallet stated that any genuine prompt to switch to a smart account would appear within the wallet itself.

Web3 security firm GoPlus also highlighted key safety measures, including verifying authorization addresses, verifying contract source code, and being cautious with contracts whose source is not open.
