Key Takeaways
Phishing scams drained over $12M from 15,000+ wallets in August 2025, largely exploiting Ethereum’s EIP-7702 commonplace. Consultants warn that even main initiatives like Trump’s WLFI token are being focused.
Phishing scams within the crypto sector surged to alarming ranges in August 2025, stripping buyers of greater than $12 million throughout 15,000+ wallets.
In accordance with blockchain safety agency Rip-off Sniffer, the losses marked a 72% soar from July – With the variety of victims climbing by 67% month-over-month.
Phishing assaults transcend heights
Phishing assaults in August confirmed how shortly scammers have tailored to Ethereum [ETH]’s newest improvements.
In reality, Rip-off Sniffer revealed that three whale wallets accounted for practically 46% of the $12 million in losses that month, with one pockets alone dropping $3.08 million. The agency recognized Ethereum’s new EIP-7702 commonplace as the first software scammers exploited in these schemes.
For these unaware, Ethereum launched EIP-7702 to enhance pockets performance, enabling externally owned accounts (EOAs) to quickly function like sensible contract wallets. The improve added handy options comparable to batching transactions, setting spending caps, integrating passkeys, and recovering wallets with out altering addresses.
Nonetheless, attackers quickly weaponized these identical options, utilizing them to speed up thefts and trick customers into signing malicious approvals.
Particulars of the assault
Wintermute’s Dune Analytics dashboard showed that over 80% of delegate contracts tied to EIP-7702 have displayed malicious conduct, compromising greater than 450,000 pockets addresses since the usual’s rollout.
Safety consultants additionally consider that the majority customers stay dangerously unaware of those dangers.
Yu Xian, founding father of blockchain safety agency SlowMist, additionally emphasized that organized felony teams have eagerly exploited EIP-7702, extending the assaults throughout Ethereum Digital Machine (EVM) ecosystems.
Therefore, to counter these threats, Rip-off Sniffer is urgingnvestors to train larger warning when interacting with pockets prompts.
The agency beneficial verifying domains, avoiding rushed approvals, and rejecting signatures that grant limitless or overly broad permissions.
As suspicious prompts tied to contract upgrades and mismatched transaction simulations proceed to unfold, Ethereum customers ought to keep vigilant. Particularly since even breakthrough options can double as assault vectors within the mistaken palms.