Ethereum wallets are massively looted: Large upgrade is being abused

The recently launched pectra upgrade of Ethereum (ETH), intended to make the network more user-friendly, appears to contain a serious vulnerability. According to the Winter Mute trade firm analysis, malicious parties are abusing a new function on a large scale, causing users to lose their credits.

Abuse of Ethereum’s EIP-7702

Central to the problem is EIP-7702, part of the upgrade that makes ‘Account Abstraction’ possible. This allows Wallets to temporarily behave as smart contracts. This opens the door to functions such as bundled transactions, sponsored gas fees and passkey verification.

The functionality was presented by Ethereum co-founder Vitalik Buterin as an important step towards ease of use. But in the meantime EIP-7702 appears to be a new attack point.

Wintermutte reports that “more than eighty percent of EIP-7702 delegations have been authorized to multiple contracts with identical, copied code.” That code, nicknamed “CrimeenJoyor”, is designed to automatically empty wallets when private keys are leaked.

Ethereum Wallet’s target of ‘CrimeenJoyor’

The smart contract CrimeenJoyor is short, simple and frequently reused. “This one copied bytecode is now responsible for the majority of all EIP-7702 delegations. At the same time it is funny, gloomy and fascinating,” says Wintermute.

Blockchain security company SCAM Sniffer recently identified an incident in which nearly $ 150,000 was captured through a rogue bundle transaction. It was linked to the Inferno Drainer scam service. Slowmist is also the alarm and calls wallet providers to offer quickly support for EIP-7702 transactions. Users should clearly see which contract they sign with every delegation.

Yet experts point out that the problem is deeper. Security specialist Taylor Monahan states: “It is not a 7702 problem. It is the old problem: users do not secure their private keys properly. EIP-7702 simply makes wallets more efficient.”

A hefty setback for Ethereum. The pectra upgrade seemed like the savior in need, and the upgrade certainly saw positive effects. But it also brought new problems and the developers have to go around the table again to solve this safety problem.