According to blockchain security platform Scam Sniffer, phishing group Inferno Drainer recently used the Ethereum EIP-7702 upgrade feature to carry out a new type of attack, causing a single loss of about $150,000. EIP-7702 is a key feature of the Pectra upgrade that allows externally owned accounts (EOAs) to temporarily gain smart contract functionality during transactions. The attacker used the authorized MetaMask wallet to initiate bulk token transfer operations. SlowMist founder Cosine pointed out that this incident marks an upgrade in phishing strategy: the attacker no longer hijacks the wallet directly, but induces the user to trigger MetaMask's "execute" command, which quietly executes the malicious batch authorization in the background to complete the asset transfer.
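A defender-side check for the pattern described above, as an added example that is not code from Scam Sniffer, SlowMist or MetaMask: it reads the EIP-7702 delegation designator (`0xef0100` followed by the delegate address) from an account's code and flags token approvals or transfers in a batch that name an address outside a trusted set. The function names, the already-decoded `(target, calldata)` batch format and all addresses are assumptions constructed for illustration.

```python
# Added example; all addresses and calldata below are constructed sample values.
DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 delegation designator prefix
MAX_UINT256 = 2**256 - 1
# Token selectors whose first argument is the spender, operator or recipient.
RISKY_SELECTORS = {"095ea7b3": "approve", "a22cb465": "setApprovalForAll",
                   "a9059cbb": "transfer"}

def _unhex(value):
    return bytes.fromhex(value[2:] if value.startswith("0x") else value)

def delegate_of(code_hex):
    """Return the delegate address if the account code is a 7702 designator."""
    code = _unhex(code_hex)
    if len(code) == 23 and code.startswith(DELEGATION_PREFIX):
        return "0x" + code[3:].hex()
    return None

def review_batch(calls, trusted):
    """Flag batch calls that grant or move tokens to addresses outside `trusted`.

    calls: (target, calldata_hex) pairs, assumed already decoded from the batch.
    """
    findings = []
    for index, (target, data_hex) in enumerate(calls):
        data = _unhex(data_hex)
        name = RISKY_SELECTORS.get(data[:4].hex())
        if name is None or len(data) < 68:
            continue  # not a tracked token call, or truncated arguments
        party = "0x" + data[16:36].hex()             # low 20 bytes of argument 1
        amount = int.from_bytes(data[36:68], "big")  # argument 2
        if party not in trusted:
            findings.append({"index": index, "token": target, "call": name,
                             "party": party,
                             "unlimited": name == "approve" and amount == MAX_UINT256})
    return findings

SAMPLE_CODE = "0xef0100" + "11" * 20   # constructed eth_getCode result
TOKEN, UNKNOWN, KNOWN = "0x" + "aa" * 20, "0x" + "bb" * 20, "0x" + "cc" * 20
SAMPLE_BATCH = [
    (TOKEN, "0x095ea7b3" + "00" * 12 + "bb" * 20 + "ff" * 32),  # unlimited approve
    (TOKEN, "0xa9059cbb" + "00" * 12 + "cc" * 20 + "00" * 31 + "01"),  # transfer
]

if __name__ == "__main__":
    print("delegated to:", delegate_of(SAMPLE_CODE))
    for finding in review_batch(SAMPLE_BATCH, trusted={KNOWN}):
        print("review before signing:", finding)
```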