Security Incident EIP-7702: Hacker Takes Over Proxy, Withdraws $280,000 USD ETH into the Hybrid Pool

TrustlessMaximalist · 2025-12-26T19:12:26+00:00

A sophisticated attack exploited a critical vulnerability in the EIP-7702 contract on Ethereum, leading to the theft of 95 ETH (worth $280,000). CertiK's warning emphasizes the need for thorough security audits to prevent such incidents and maintain investor trust.

TrustlessMaximalist

2025-12-26 19:12:26

Abstract generation in progress

A sophisticated attack has left a trace in the Ethereum ecosystem when the attacker discovered a serious vulnerability in the uninitialized EIP-7702 proxy contract. Through this vulnerability, the hacker was able to take full control of the address ownership and then transfer 95 ETH (equivalent to $280,000 USD at the time of the incident) to Tornado Cash.

Warning from CertiK on Contract Security Risks

CertiK security audit company has detected and warned about this breach, revealing that the vulnerability allows the attacker to fully control the proxy address. The most concerning aspect is that this attack method exploits directly the flaws in the smart contract design rather than external factors. Currently, ETH is trading at $2.92K, while this incident highlights that even new technological solutions can still carry security risks.

Failure in Security Audit Process

This attack serves as a clear warning about the importance of thorough security audits before deploying to mainnet. The EIP-7702 vulnerability not only results in direct financial loss but also erodes investor confidence in new protocols. This event reminds the blockchain community that adopting advanced standards in smart contract development is a mandatory requirement, not an option.

ETH-3,72%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.