Trump’s WLFI tokens may be under attack after Pectra exploit
The post Trump’s WLFI tokens may be under attack after Pectra exploit appeared on BitcoinEthereumNews.com. The distribution of WLFI tokens may face an unexpected setback, as a Pectra exploit may make certain wallets vulnerable. Reports have already surfaced of drained wallets and losses. Malicious actors may be abusing a vulnerability of Ethereum’s Pectra upgrade to steal WLFI tokens as they were distributed to end users. Reports have surfaced of wallets drained of incoming funds, putting the reputation of WLFI further at risk. As Cryptopolitan reported, the World Liberty Fi distribution was one of the biggest events on Ethereum, pushing the price of gas above 100 gWei. For now, the token distribution wallets themselves are safe, and the losses stem from individual reports of compromised wallets. The founder of SlowMist tracked the exploits in the past couple of days, as WLFI was just being moved between wallets. The token’s contract itself is not compromised, though the asset has seen some turbulent trading. The founder of SlowMist tracked the exploits in the past couple of days. Source: @evilcos via X The exploiters use the Pectra EIP-7702 update, which allows wallets to give preliminary permission to smart contracts. The exploit uses the smart wallet feature, which allows permission for moving tokens. However, the ability to steal WLFI still requires a compromised private key. Pectra EIP-7702 combined with malicious fishing The Pectra EIP-7702 upgrade has been a known risk since it allows wallet holders to give approval for smart contract execution. The initial idea was to turn each wallet into a hub for smart contract execution, presuming all interactions were researched and vetted. Despite this, the upgrade turned into a security risk as thousands of wallets gave access to malicious actors. Automated wallet sweeper contracts were among the leading apps to request access, and wallet users gave approvals through phishing links. WLFI is not the most valuable token, but…
The post Trump’s WLFI tokens may be under attack after Pectra exploit appeared on BitcoinEthereumNews.com.
The distribution of WLFI tokens may face an unexpected setback, as a Pectra exploit may make certain wallets vulnerable. Reports have already surfaced of drained wallets and losses. Malicious actors may be abusing a vulnerability of Ethereum’s Pectra upgrade to steal WLFI tokens as they were distributed to end users. Reports have surfaced of wallets drained of incoming funds, putting the reputation of WLFI further at risk. As Cryptopolitan reported, the World Liberty Fi distribution was one of the biggest events on Ethereum, pushing the price of gas above 100 gWei. For now, the token distribution wallets themselves are safe, and the losses stem from individual reports of compromised wallets. The founder of SlowMist tracked the exploits in the past couple of days, as WLFI was just being moved between wallets. The token’s contract itself is not compromised, though the asset has seen some turbulent trading. The founder of SlowMist tracked the exploits in the past couple of days. Source: @evilcos via X The exploiters use the Pectra EIP-7702 update, which allows wallets to give preliminary permission to smart contracts. The exploit uses the smart wallet feature, which allows permission for moving tokens. However, the ability to steal WLFI still requires a compromised private key. Pectra EIP-7702 combined with malicious fishing The Pectra EIP-7702 upgrade has been a known risk since it allows wallet holders to give approval for smart contract execution. The initial idea was to turn each wallet into a hub for smart contract execution, presuming all interactions were researched and vetted. Despite this, the upgrade turned into a security risk as thousands of wallets gave access to malicious actors. Automated wallet sweeper contracts were among the leading apps to request access, and wallet users gave approvals through phishing links. WLFI is not the most valuable token, but…
What's Your Reaction?
