World Liberty Financial’s (WLFI) managing tokenholders has been hit by a well-known phishing wallet exploited using EIP-7702 upgrading Ethereum, says Slowmist Founder Yu Xian.
Ethereum’s PECTRA upgrade in May introduced The EIP-7702, which allows external accounts to temporarily act Smart contract Wallets, delegations are implementing rights and allowing batch transactions, aimed at losing the experience of a user.
Xian Says In an X post on Monday that hackers take advantage of the upgrade to pre-plant a hacker-controlled hacker on the victim’s wallets, then, when a deposit is made, they quickly “seize” the tokens, which in this case, affect the WLFI tokenholders.
“Another player found that multiple addresses’ WLFI was stolen. Looking at the theft procedure, the exploitation of the 7702 delegate malicious contract was again, with the required private leakage key,” Xian said.
Donald Trump’s token started -backed World Liberty Financial (WLFI) Trading Monday morning, with total supply of 24.66 billion tokens.
How it works
In the lead-up to the official launch, an X user reported On August 31 that a friend had their WLFI tokens drained after the transfer of Ether (Eth) in their purse.
In a response, Xian Says This is clearly an instance of the “Classic EIP-7702 Phishing Exploit,” where the The private key is scatteredAnd the bad actor then pre-plants a delegate intelligent contract with the victim’s wallet address connected to the key.
In a previous post, Xian Says Usually private keys stolen by phishing.
“Once you try to move the remaining tokens in it, as the WLFIs thrown into the Lockbox contract, the gas you input will automatically move,” he said.
Xian recommends “cancel or replace the EIP-7702 ambush yourself,” and move the tokens from the compromised purse as a possible solution.
Crypto users discussed robbery in WLFI forums
Some have been Reporting Similar issues with WLFI forums. A posting under the handle of the Hakaemiratlas Says His purse was that it was hacked last October and now his WLFI tokens are at risk.
“I was able to move only 20% of my WLFI tokens to a new purse, but it was a stressful breed against the hacker. Even sending ETH for gas fees felt dangerous, as it could also be stolen immediately,” they said.
“Currently, 80% of my WLFI tokens are still stuck in the compromised purse. I am very concerned that once they unlock, the hacker can move them immediately.”
Another user under the handle Anton Says Many other people face a similar issue because of how the token drop was implemented. The purse used to join the WLFI Whitelist needs to be used to participate in the presale.
Related: Take care of the fake conference of targeting crypto assets, warning the Slowmist founder
“Instant tokens arrived, they were stolen by automatic sweeper bots before we had the opportunity to move them to a safe wallet,” he said.
Anton also requires the WLFI team to consider the implementation of a direct transfer option for tokens.
Scammers that target token launch
Many WLFI scams appear in the lead-up and post token launch. Analytics firm bubblemaps identified some “bundle clones” Look at the same intelligent contracts to mimic the established crypto projects.
Meanwhile, the WLFI team has warned That it does not interact with a direct message on any platform, with the only official support channels via email.
“If you receive a DM that says from us, it is fraudulent and should be ignored. If you receive an email, always double-check that it comes from one of the official domains before responding,” said the WLFI team.
