Scam Sniffer sounded the alarm on August 5, 2025, reporting a phishing attack that drained $66,000 from an EIP-7702-upgraded Ethereum address, with attackers using Uniswap’s Universal Router to disguise malicious batch transfers as legitimate swaps, per Coinlineup.com. Unlike earlier scams relying on batch authorizations, this attack leverages EIP-7702’s transaction bundling to execute silent transfers, per @realScamSniffer. Multiple similar incidents targeting EIP-7702 addresses have surfaced, with losses tied to memecoins and ERC-20 tokens, per @VertexGuards. Ethereum’s Pectra upgrade (May 2025), which introduced EIP-7702 for temporary smart contract functionality, has inadvertently opened a phishing vector, with 36.3% of 175 delegate contracts flagged as malicious, per Dune Analytics. @CryptoJPTrans warns thousands of addresses are at risk.
EIP-7702 allows Externally Owned Accounts (EOAs) to act as smart wallets, enabling batch transactions and gas sponsorship, per BeInCrypto. Scammers trick users into signing malicious transactions via phishing sites, often posing as Uniswap DApps, which route funds through the Universal Router (addresses like 0xC83De81A), per ChainPlay.gg. A single “execute” call can transfer multiple tokens without extra pop-ups, as seen in a May 2025 $146,551 heist by Inferno Drainer, per The Coin Republic. Scam Sniffer’s April 2025 report noted $5.29M lost across 7,565 wallets, a 26% victim spike from March, per Bitget News. @TrmIabs highlights the attack’s stealth, as the legitimate MetaMask delegator (0x63c0c19a2) masks the fraud. Technical risks include Blockchain congestion and user oversight, with 97% of EIP-7702 delegations linked to “CrimeEnjoyor” sweeper contracts, per Wintermute.
The SEC’s Project Crypto and CFTC’s pro-crypto stance signal regulatory scrutiny, but no specific EIP-7702 response has emerged, per Bitcoin Sistemi EN. Ethereum ($3,553, up 23.3%) and Uniswap (UNI) ($12.92, up 5%) remain resilient amid a $3.6T market cap, per CoinPedia News.
However, Altcoins like Polkadot ($3.56) face sell pressure, per BH News. @BlockNedu suggests EIP-7702 attacks amplify losses on Base Network, impacting DeFi trust, per @realScamSniffer.
Uniswap’s Permit2 vulnerabilities, exploited in a 2022 $4.7M scam, echo these risks, per Cointelegraph. Trump’s tariffs and weak jobs data (73,000 vs. 100,000 expected) add macro volatility, per CNN, potentially curbing DEX liquidity. ETF inflows ($71.2M for ETH) offer stability, per SoSoValue.
MetaMask urges users to avoid external “upgrade” links and check authorization history on Etherscan, revoking suspicious approvals via EIP-7702-supported wallets, per GoPlus Security. GoPlus advises verifying contract source code and avoiding non-open-source DApps, per Medium. Traders should:
