Inferno Drainer Exploits Ethereum EIP-7702 in Evolving Phishing Tactics Targeting Crypto Wallets

• Inferno Drainer, a known phishing group, is leveraging Ethereum’s EIP-7702 to silently drain wallets.

• The malicious attackers used a delegated MetaMask wallet and batch authorizations to steal $150,000.

• This marks a shift in phishing tactics as scammers begin integrating new features into their schemes.

A notorious phishing group exploits Ethereum’s EIP-7702, uncovering a new dimension of wallet-draining tactics that demands user vigilance.

Sophisticated Crypto Phishing Scam Exploits Ethereum’s Smart Wallet Flexibility

On May 24, Scam Sniffer, a web3 anti-scam platform, flagged a case where a wallet recently upgraded to EIP-7702 lost nearly $150,000.

According to Yu Xian, founder of blockchain security firm SlowMist, Inferno Drainer carried out the theft using a more sophisticated version of traditional phishing methods.

Unlike previous scams that hijack user wallets directly, Xian explained that Inferno Drainer utilized a delegated MetaMask wallet—one already authorized under EIP-7702.

This innovative approach allowed the hackers to approve token transfers silently through a batch authorization process.

Xian further noted that the victim unknowingly triggered an “execute” command within MetaMask, which processed the malicious batch data in the background. The result was a silent but effective token drain.

“The phishing gang uses this mechanism to complete batch authorization operations on tokens related to the victim’s address,” Xian stated.

The security expert emphasized that this incident signifies a **shift** in scam tactics.

According to him, it illustrates that attackers are no longer relying solely on old strategies; they are actively integrating new Ethereum updates into their operations to stay ahead.

“As we predicted, the phishing gangs have caught up… Everyone should be vigilant, be careful that the assets in your wallet will be taken away,” Xian cautioned.

In light of this, he urged users to review token authorizations regularly and check whether their wallet addresses have been delegated to phishing accounts via EIP-7702.

Moreover, this incident is part of a broader trend in the crypto industry. Last month, malicious actors stole over $5 million from 7,565 individuals through similar phishing attacks.

In response, security experts emphasize the importance of users remaining proactive to protect themselves from these evolving attack vectors.

Scam Sniffer advised industry players to verify websites before logging in or approving any transactions. They also urge community members to routinely audit their token permissions and avoid clicking on unverified links.

Challenges in Tackling Evolving Phishing Techniques

The emergence of tactics like those employed by Inferno Drainer underscores significant challenges facing the crypto security landscape.

Security measures that were once effective are being undermined by the constant adaptation of malicious actors. As Xian pointed out, users’ growing reliance on advanced features like EIP-7702 inadvertently opens new avenues for vulnerabilities.

To help mitigate these risks, users are encouraged to utilize hardware wallets where possible, as these are less susceptible to remote access. Additionally, implementing two-factor authentication can provide an extra layer of security.

Community Response and Future Outlook

The crypto community is responding to this threat by enhancing educational initiatives aimed at informing users about security protocols. Many influencers and security experts are disseminating guidelines on how to recognize and avoid phishing attempts, marking an important step toward increasing awareness in a rapidly evolving environment.

Ultimately, the future of crypto security will depend on collaborative efforts among users, developers, and security professionals. By fostering a culture of vigilance and incorporating the latest technological safeguards, the community can tackle these emerging threats more effectively.

Conclusion

The recent exploits by Inferno Drainer serve as a stark reminder that the landscape of phishing attacks is continually evolving. Users must remain vigilant and proactive in reviewing their security measures.

By staying informed and adopting best practices, crypto enthusiasts can better protect their assets in an increasingly complex digital environment. Emphasizing regular audits of token authorizations and exercising caution with transactions will be crucial in adapting to these new challenges.