Concerns are mounting over the potential misuse of EIP-7702, a feature introduced in Ethereum’s Pectra upgrade. Wintermute has issued an alert stating that over 80% of authorizations for this enhanced account abstraction mechanism are being used for automated attacks by malicious contracts. Notably, a recent phishing attack that used the ‘CrimeEnjoyor’ contract to empty user wallets resulted in a loss of nearly $150,000. EIP-7702 allows wallets to manage transactions more efficiently and offers enhanced security measures such as biometric/social verification and single-transaction limits. However, the same capabilities have opened up new attack vectors, which malicious contracts are now exploiting.