BusinessPostCorner.com
No Result
View All Result
Saturday, June 28, 2025
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
BusinessPostCorner.com
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
No Result
View All Result
BusinessPostCorner.com
No Result
View All Result

Wintermute’s “CrimeEnjoyor” to Warn Ethereum Users of Wallet-Draining Attacks

June 2, 2025
in Crypto News
Reading Time: 3 mins read
A A
0
Wintermute’s “CrimeEnjoyor” to Warn Ethereum Users of Wallet-Draining Attacks
ShareShareShareShareShare

Key Takeaways:

  • Wintermute’s new “CrimeEnjoyor” tool injects on-chain warnings into malicious Ethereum contracts.
  • Over 97% of EIP-7702 delegations are being used in wallet-draining attacks.
  • An Ethereum user recently lost $146K by signing malicious EIP-7702 transactions.

Crypto market maker Wintermute has developed a tool that injects on-chain warnings into malicious wallet-draining contracts to alert users.

The new tool comes as Ethereum users face a new wallet-draining threat that exploits a feature in the network’s latest upgrade.

On May 30, Wintermute revealed it had developed “CrimeEnjoyor,” a code that injects visible warnings into verified malicious Ethereum contracts. The move targets contracts designed to auto-drain wallets when private keys are compromised.

‘Do Not Send ETH’ Warning

The injected message clearly states that the contract “is used by bad guys to automatically sweep all incoming ETH” and prominently advises users to “NOT SEND ANY ETH.”

The malicious contracts exploit Ethereum Improvement Proposal-7702 (EIP-7702), a feature introduced in the recent Pectra upgrade.

EIP-7702 allows wallet owners to temporarily delegate control of their wallets to smart contracts—an opt-in feature meant to expand Ethereum’s capabilities.

However, Wintermute’s research team found troubling patterns.

According to their analysis, over 97% of EIP-7702 delegations were being used in identical sweeping contracts designed to automatically drain ETH from compromised addresses.

“These are sweepers, used to automatically drain incoming ETH from compromised addresses,” Wintermute said in a post on X.

While EIP-7702 brings new convenience, it also introduces new risks

Our Research team found that over 97% of all EIP-7702 delegations were authorized to multiple contracts using the same exact code. These are sweepers, used to automatically drain incoming ETH from compromised… pic.twitter.com/xHp7zr4hC9

— Wintermute (@wintermute_t) May 30, 2025

To inject warnings, the team reverse-engineered the contracts’ Ethereum Virtual Machine (EVM) bytecode into readable Solidity code and then publicly verified it.

As a result, the modified warning now appears inside most of the malicious contracts.

“This one copy-pasted bytecode now accounts for the majority of all EIP-7702 delegations,” Wintermute added. “It’s funny, bleak, and fascinating at the same time.”

While EIP-7702 was designed to offer greater wallet flexibility, its lack of verification features has made it difficult for users—especially newcomers—to distinguish between legitimate and malicious contracts.

Wintermute hopes that tagging compromised contracts will help surface suspicious activity and better protect the ecosystem.

Ethereum User Loses $146K

The risks are real. On May 23, one Ethereum user lost $146,550 after unknowingly signing a batch of malicious EIP-7702 transactions, according to blockchain security firm Scam Sniffer.

ALERT: An address upgraded to EIP-7702 lost $146,551 through malicious batched transactions in phishing attack. pic.twitter.com/7GbamqOZVI

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) May 24, 2025

Since Ethereum’s Pectra upgrade went live on May 7, users have executed 12,329 EIP-7702 transactions.

Pectra also introduced other significant changes: EIP-725 raised the validator staking limit from 32 ETH to 2,048 ETH, and EIP-7691 increased data blob capacity to improve scalability and lower fees on Ethereum layer-2 networks.

Last month, Vitalik Buterin unveiled a new proposal aimed at making it significantly easier for everyday users to run Ethereum nodes, by reducing the hardware and storage requirements currently needed to sync with the network.

The Ethereum mastermind suggested a shift in how nodes store and retrieve data, moving from full data replication to a more flexible, user-centric model.

Under this approach, nodes would store only the data relevant to the user, rather than Ethereum’s entire global state, which currently exceeds 1.3 terabytes, according to Etherscan.

The post Wintermute’s “CrimeEnjoyor” to Warn Ethereum Users of Wallet-Draining Attacks appeared first on Cryptonews.


Credit: Source link

ShareTweetSendPinShare
Previous Post

Karol Nawrocki win deals blow to Poland’s EU agenda

Next Post

Flight path shake-up promises quicker flights and fewer delays

Next Post
Flight path shake-up promises quicker flights and fewer delays

Flight path shake-up promises quicker flights and fewer delays

Russia’s economy is down but not out

Russia’s economy is down but not out

June 23, 2025
How to prepare for, navigate, and thrive through summer slumps — according to marketing experts

How to prepare for, navigate, and thrive through summer slumps — according to marketing experts

June 24, 2025
IMA expands competency framework for accountants

IMA expands competency framework for accountants

June 23, 2025
Baker Tilly and Moss Adams: M&A to get better, not bigger

Baker Tilly and Moss Adams: M&A to get better, not bigger

June 23, 2025
Tax Fraud Blotter: Boundless energy

Tax Fraud Blotter: Boundless energy

June 26, 2025
A 0 Theragun massager is the crux of an alleged multimillion broken promise between two former friends — ‘Dude, my heart just sank to the floor’

A $650 Theragun massager is the crux of an alleged multimillion broken promise between two former friends — ‘Dude, my heart just sank to the floor’

June 25, 2025
BusinessPostCorner.com

BusinessPostCorner.com is an online news portal that aims to share the latest news about following topics: Accounting, Tax, Business, Finance, Crypto, Management, Human resources and Marketing. Feel free to get in touch with us!

Recent News

XRP Surges as Ripple CEO Garlinghouse Signals End to SEC Dispute

XRP Surges as Ripple CEO Garlinghouse Signals End to SEC Dispute

June 28, 2025
Consumer spending pulled back in May as inflation heated up—a double whammy of bad news

Consumer spending pulled back in May as inflation heated up—a double whammy of bad news

June 28, 2025

Our Newsletter!

Loading
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • DMCA

© 2023 businesspostcorner.com - All Rights Reserved!

No Result
View All Result
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources

© 2023 businesspostcorner.com - All Rights Reserved!