World Liberty Financial’s WLFI token holders are facing major security risks as hackers exploit a vulnerability linked to Ethereum’s recent EIP-7702 upgrade. According to SlowMist founder Yu Xian, the attack uses a classic phishing technique tied to Ethereum smart contracts, leaving many users with drained wallets.
How Does the EIP-7702 Exploit Work?
Ethereum’s Pectra upgrade in May introduced EIP-7702, which allows external accounts to temporarily function as smart contract wallets, enabling features like batch transactions and delegated execution rights. While this was designed to improve user experience, hackers are leveraging the upgrade to steal tokens.
Here’s the process:
- Attackers first steal a user’s private key through phishing schemes.
- They pre-plant a malicious delegate contract in the compromised wallet.
- When the victim deposits assets—such as WLFI tokens—the attacker uses the malicious contract to instantly transfer the funds to their own wallet.
Xian described this as the “Classic EIP-7702 phishing exploit.” Victims who try to transfer remaining funds also risk losing gas fees since the malicious contract redirects transactions.
WLFI Token Launch and Rising Exploit Reports
The Donald Trump–backed WLFI token launched with a supply of 24.66 billion tokens, attracting massive attention. However, several users have reported token thefts:
- One user shared that 80% of their WLFI tokens remain stuck in a compromised wallet, fearing immediate loss once they unlock.
- Others say the WLFI presale process made them vulnerable, as whitelist wallets were also required for token claims.
Some forum users are urging the WLFI team to implement direct transfer options to help secure tokens before hackers act.
How to Protect Your Wallet and Tokens
Security experts recommend these steps:
- Do not reuse compromised wallets—create a new one immediately.
- Cancel or replace the malicious EIP-7702 contract if detected.
- Use hardware wallets and enable multi-signature features for large holdings.
- Never click on suspicious links or share your private key.
The WLFI team has warned users against fake DMs and phishing emails, confirming that official communications only come through verified domains.
The EIP-7702 exploit highlights the security risks in DeFi innovations, especially during major token launches like WLFI. As hackers become more sophisticated, crypto users must stay vigilant and adopt best security practices.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.