Ethereum phishing scams – $12M lost in August as EIP-7702 exploits surge!

Key Takeaways

Phishing scams drained over $12M from 15,000+ wallets in August 2025, largely exploiting Ethereum’s EIP-7702 commonplace. Consultants warn that even main tasks like Trump’s WLFI token are being focused.

Phishing scams within the crypto sector surged to alarming ranges in August 2025, stripping buyers of greater than $12 million throughout 15,000+ wallets.

Based on blockchain safety agency Rip-off Sniffer, the losses marked a 72% bounce from July – With the variety of victims climbing by 67% month-over-month.

Phishing assaults transcend heights

Phishing assaults in August confirmed how shortly scammers have tailored to Ethereum [ETH]’s newest improvements.

The truth is, Rip-off Sniffer revealed that three whale wallets accounted for practically 46% of the $12 million in losses that month, with one pockets alone shedding $3.08 million. The agency recognized Ethereum’s new EIP-7702 commonplace as the first device scammers exploited in these schemes.

For these unaware, Ethereum launched EIP-7702 to enhance pockets performance, enabling externally owned accounts (EOAs) to briefly function like sensible contract wallets. The improve added handy options corresponding to batching transactions, setting spending caps, integrating passkeys, and recovering wallets with out altering addresses.

Nonetheless, attackers quickly weaponized these identical options, utilizing them to speed up thefts and trick customers into signing malicious approvals.

Particulars of the assault

Wintermute’s Dune Analytics dashboard showed that over 80% of delegate contracts tied to EIP-7702 have displayed malicious habits, compromising greater than 450,000 pockets addresses since the usual’s rollout.

Safety specialists additionally consider that the majority customers stay dangerously unaware of those dangers.

Yu Xian, founding father of blockchain safety agency SlowMist, additionally emphasised that organized legal teams have eagerly exploited EIP-7702, extending the assaults throughout Ethereum Digital Machine (EVM) ecosystems.

Therefore, to counter these threats, Rip-off Sniffer is urgingnvestors to train better warning when interacting with pockets prompts.

The agency really helpful verifying domains, avoiding rushed approvals, and rejecting signatures that grant limitless or overly broad permissions.

As suspicious prompts tied to contract upgrades and mismatched transaction simulations proceed to unfold, Ethereum customers ought to keep vigilant. Particularly since even breakthrough options can double as assault vectors within the flawed palms.