Hackers Strike WLFI Tokenholders with EIP-7702 Exploit
Wed Sep 03 2025
A new wave of attacks is targeting World Liberty Financial (WLFI) tokenholders, leveraging a known exploit tied to Ethereum's EIP-7702 upgrade. This exploit allows hackers to sneak into user wallets and steal tokens as soon as they are deposited. The issue was highlighted by Yu Xian, founder of SlowMist, who pointed out that multiple addresses have been compromised this way.
Ethereum's Pectra upgrade in May introduced EIP-7702, a feature that lets external accounts temporarily act like smart contract wallets. This upgrade was meant to make transactions smoother, but hackers have found a way to abuse it. They plant a malicious contract in a victim's wallet and wait for a deposit. Once the tokens arrive, they are quickly stolen.
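How a wallet owner or monitoring tool can tell whether an account currently carries an EIP-7702 delegation, as an added example that is not from the original article: under EIP-7702 a delegated account's code is the 23-byte designator `0xef0100` followed by the delegate contract's address. The function names, the allowlist and the sample values are constructed for illustration; the input is the hex string an `eth_getCode` JSON-RPC call returns for the address.

```python
from dataclasses import dataclass
from typing import Optional

DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 delegation designator prefix
DESIGNATOR_LEN = 23                          # 3-byte prefix + 20-byte delegate address


@dataclass
class CodeStatus:
    kind: str                 # "plain_eoa", "delegated" or "contract"
    delegate: Optional[str]   # delegate address when kind == "delegated"
    trusted: Optional[bool]   # True if the delegate is on the caller's allowlist


def classify_account_code(code_hex: str, allowlist=frozenset()) -> CodeStatus:
    """Classify the value returned by eth_getCode for one address."""
    body = code_hex[2:] if code_hex.lower().startswith("0x") else code_hex
    raw = bytes.fromhex(body)
    if not raw:
        # No code at all: an ordinary externally owned account.
        return CodeStatus("plain_eoa", None, None)
    if len(raw) == DESIGNATOR_LEN and raw.startswith(DELEGATION_PREFIX):
        delegate = "0x" + raw[3:].hex()
        trusted = delegate in {a.lower() for a in allowlist}
        return CodeStatus("delegated", delegate, trusted)
    # Any other code is a regular deployed contract.
    return CodeStatus("contract", None, None)


def needs_attention(status: CodeStatus) -> bool:
    """Flag accounts delegated to code the owner has not explicitly approved."""
    return status.kind == "delegated" and not status.trusted


# Constructed sample values (not real addresses or on-chain data).
SAMPLE_DELEGATE = "0x" + "ab" * 20
SAMPLES = {
    "fresh wallet": "0x",
    "delegated wallet": "0xef0100" + "ab" * 20,
    "ordinary contract": "0x6080604052",
}

if __name__ == "__main__":
    for label, code in SAMPLES.items():
        status = classify_account_code(code)
        print(f"{label}: {status.kind} delegate={status.delegate} "
              f"review={needs_attention(status)}")
```

An account flagged here is one whose owner should confirm they recognise the delegate contract before depositing anything to it.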
WLFI, a token backed by Donald Trump, started trading on Monday with a total supply of 24.66 billion tokens. However, the excitement around its launch was overshadowed by reports of thefts. Users have been sharing their experiences on forums, describing how their tokens were drained as soon as they tried to move them.
One user reported that only 20% of their WLFI tokens were successfully transferred to a new wallet, while the rest remained at risk. Another user mentioned that the moment tokens arrive in a compromised wallet, automated bots steal them before the owner can react. This has led to calls for the WLFI team to implement a direct transfer option to protect users.
Scams have also been rampant around the WLFI token launch. Fake support channels and look-alike smart contracts have been identified, prompting the WLFI team to warn users about fraudulent messages. They advised users to only use official email channels for support and to be cautious of any direct messages claiming to be from the team.
questions
Should WLFI tokenholders start carrying digital mace to fend off phishing exploits?
How can Ethereum's EIP-7702 upgrade be modified to prevent such exploits in the future?
What measures can WLFI tokenholders take to protect their assets from similar phishing exploits?