What happened?
Hackers have been exploiting Ethereum’s EIP-7702 upgrade to steal World Liberty Financial (WLFI) tokens from Donald Trump’s crypto project. The attackers are using a vulnerability in the May Pectra upgrade that allows them to plant malicious code that drains all incoming ETH and tokens. Multiple WLFI token holders have lost their assets after the hackers combined private key theft with malicious delegate contract deployment.
Who does this affect?
This primarily affects holders of World Liberty Financial tokens, particularly those who have had their private keys compromised. Due to the exploit, when users transfer ETH for gas or receive tokens like WLFI, the malicious contracts redirect all funds to attacker-controlled addresses, leaving wallets permanently compromised. The issue extends beyond World Liberty Financial token holders and exposes Ethereum users to systematic threats, given the security flaw in EIP-7702 delegations.
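The delegation described above leaves a visible trace: under EIP-7702, a delegated account's code is the 23-byte delegation indicator, `0xef0100` followed by the delegate contract's address. The following added example (not from the original article) parses `eth_getCode` results and flags wallets delegated to anything outside an allow-list; the function names, allow-list and sample values are constructed assumptions.

```python
DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 delegation indicator prefix
DESIGNATOR_LEN = 23                          # 3-byte prefix + 20-byte address


def parse_delegate(code_hex):
    """Return the delegate address (0x-prefixed, lowercase) if code_hex is an
    EIP-7702 delegation indicator, else None. Raises ValueError on bad hex."""
    h = code_hex.strip().lower()
    if h.startswith("0x"):
        h = h[2:]
    code = bytes.fromhex(h)
    if len(code) == DESIGNATOR_LEN and code.startswith(DELEGATION_PREFIX):
        return "0x" + code[3:].hex()
    return None


def classify(code_hex, trusted_delegates):
    """Classify an account from its on-chain code (hypothetical status labels)."""
    try:
        delegate = parse_delegate(code_hex)
    except ValueError:
        return ("malformed", None)
    if delegate is not None:
        trusted = {a.lower() for a in trusted_delegates}
        status = "delegated-trusted" if delegate in trusted else "delegated-unknown"
        return (status, delegate)
    if code_hex.strip().lower() in ("", "0x"):
        return ("plain-eoa", None)   # no code: ordinary key-controlled account
    return ("contract", None)        # regular contract bytecode


def triage(accounts, trusted_delegates):
    """Return the wallets that need review: unknown delegate or unparsable code."""
    flagged = {}
    for wallet, code_hex in accounts.items():
        status, delegate = classify(code_hex, trusted_delegates)
        if status in ("delegated-unknown", "malformed"):
            flagged[wallet] = (status, delegate)
    return flagged


# Constructed sample data: not real addresses or real chain state.
TRUSTED = ["0x" + "aa" * 20]                 # delegate the wallet owner approved
SAMPLE = {
    "wallet-1": "0x",                        # never delegated
    "wallet-2": "0xEF0100" + "AA" * 20,      # delegated to the approved contract
    "wallet-3": "0xef0100" + "bb" * 20,      # delegated to an unknown contract
    "wallet-4": "0x6080604052",              # ordinary contract code
    "wallet-5": "0xzz",                      # corrupted RPC response
}
```
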
Why does this matter?
This situation matters a great deal as it reveals a critical security risk in Ethereum’s upgrade implementation. Despite the upgrade’s initial aim to enhance user experience and reduce costs, the security trade-offs have turned into wallet-draining threats, creating new attack vectors for cybercriminals. The impact on the market could be severe, with potentially significant losses and shaken investor confidence in Ethereum and tokens associated with its upgrades.