Crypto investor loses $1M in Uniswap scam exploiting Ethereum’s EIP-7702
A single phishing attack drained nearly $1 million worth of tokens from a crypto investor who unknowingly signed a batch of malicious transactions disguised as Uniswap swaps, according to blockchain security firm Scam Sniffer.
In an Aug. 22 post on X, Yu Xiang, founder of blockchain security firm SlowMist, noted that the incident involved five tokens siphoned through a transaction exploiting Ethereum’s new EIP-7702 mechanism.
He explained:
“From the perspective of a phished user, it goes like this: the user opens a phishing website, a wallet signature prompt pops up, the user clicks confirm, and with just that one action, all valuable assets in the wallet address vanish in a snap.”
EIP-7702 was introduced in the Pectra upgrade to…
