Ethereum’s Pectra Upgrade Sparks $150K Sweeper Attack Chaos—Who’s Left Holding the Bag?

Just when you thought it was safe to HODL—Ethereum’s latest ’upgrade’ opens floodgates for slick sweeper attacks. Meet the crypto equivalent of leaving your keys in a Lambo.

How it happened: The Pectra feature, meant to streamline transactions, got twisted into a digital pickpocket’s playground. Attackers vacuumed wallets clean—$150K vanished before anyone blinked.

The irony? This happened on a chain that charges $20 for a sandwich transaction. Maybe next time they’ll ’optimize’ security before letting bankers play DeFi dress-up.

Promising upgrade or playground for phishers?

Ethereum’s Pectra upgrade introduced EIP-7702, enabling wallets to temporarily function as smart contracts for a better user experience.

Proposed by Vitalik Buterin, this feature supports account abstraction, allowing users to batch transactions, sponsor gas fees, and enforce stricter spending controls.

While this innovation improves wallet usability and security, it has also become a potential target for exploitation.

Source: X

Wintermute’s analysis reveals that over 80% of EIP-7702 delegations are being used by a single malicious contract, dubbed “CrimeEnjoyor.” The contract’s code is short, copy-pasted, and alarmingly effective.

Once it gains access to a compromised wallet – often through phishing – it instantly drains the funds to an attacker’s address.

It’s automation at scale, and it’s proving costly.

Source: X

Blockchain security firm Scam Sniffer highlighted one such incident where a victim lost nearly $150,000 in a single batched transaction linked to the notorious Inferno Drainer service.

With thousands of similar transactions already recorded, it may be that features meant to simplify Ethereum are also accelerating its vulnerabilities.

Maybe it’s not the code

The Core issue behind the recent wave of wallet-draining attacks isn’t EIP-7702. It’s the continued problem of leaked or stolen private keys.

The new feature simply makes it faster and cheaper for attackers to exploit already-compromised wallets. Security firms like SlowMist are urging wallet providers to improve visibility into contract interactions and strengthen user protections.

Source: X

As Ethereum evolves, the priority must shift toward smarter wallet design, clearer signing prompts, and better user education.

Because even the most promising features can backfire when basic security fails.