HawkInsight


Wintermute: EIP-7702 in Pectra upgrade is being maliciously abused, with over 80% of authorizations being used for automated attacks

According to online reports, Wintermute recently issued a warning that the EIP-7702 feature (an account abstraction improvement) in the Ethereum Pectra upgrade is being maliciously abused, and that more than 80% of authorizations are used for automated attacks. Blockchain security company Scam Sniffer recently detected that a user lost nearly US$150,000 in a phishing attack. The attacker used a copy-and-paste contract signed "CrimeEnjoy", which automatically empties wallets whose private keys have leaked.

EIP-7702 was proposed by Ethereum founder Vitalik Buterin to improve the user experience by temporarily giving wallets smart contract functions, including batching multiple transactions, sponsoring gas fees, using biometric or social verification, and setting a per-transaction limit.

According to Wintermute's Dune dashboard, the vast majority of EIP-7702 authorizations flow to malicious contracts with the same functions. Security expert Taylor Monahan pointed out that EIP-7702 makes emptying addresses "cheaper and more labor-saving." Wintermute commented on this: "It's funny and cruel. The same copied bytecode accounts for most of the EIP-7702 license."

It was previously reported that Xian, founder of Slow Fog, said the largest users of Ethereum's new EIP-7702 mechanism are coin theft gangs (not phishing organizations). Through authorization, EIP-7702 allows funds to be transferred automatically out of wallets whose private keys or mnemonics have leaked, and more than 97% of EIP-7702 delegations point to coin theft contracts.
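A defender's view of the concentration described above, as an added example that is not from the original article or from Wintermute's dashboard: under EIP-7702 a delegated account's code is the 23-byte designator `0xef0100` followed by the delegate address, so delegations can be grouped by the delegate's bytecode. All addresses and bytecode below are constructed, and `delegate_of`, `fingerprint`, `cluster` and `top_share` are hypothetical helper names.

```python
import hashlib
from collections import Counter

DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 delegation designator prefix

def delegate_of(code_hex):
    """Return the delegate address if code_hex (eth_getCode output) is an
    EIP-7702 designator (0xef0100 || 20-byte address), otherwise None."""
    code = bytes.fromhex(code_hex.removeprefix("0x"))
    if len(code) == 23 and code.startswith(DELEGATION_PREFIX):
        return "0x" + code[3:].hex()
    return None

def fingerprint(code_hex):
    # SHA-256 is only a local grouping key here, not the on-chain keccak256 code hash.
    return hashlib.sha256(bytes.fromhex(code_hex.removeprefix("0x"))).hexdigest()[:16]

def cluster(account_code, contract_code):
    """Count delegated accounts per bytecode fingerprint of their delegate."""
    groups = Counter()
    for code_hex in account_code.values():
        target = delegate_of(code_hex)
        if target is None:
            continue  # plain account (empty code) or an ordinary contract
        body = contract_code.get(target)
        groups[fingerprint(body) if body else "unknown:" + target] += 1
    return groups

def top_share(groups):
    """Share of all delegations held by the single most common bytecode."""
    total = sum(groups.values())
    return max(groups.values()) / total if total else 0.0

# Constructed sample data: placeholder bytecode and addresses, not real ones.
SWEEPER, WALLET = "0x6000356000f3", "0x60016002016000f3"
CONTRACT_CODE = {            # delegate address -> deployed bytecode
    "0x" + "a1" * 20: SWEEPER,
    "0x" + "a2" * 20: SWEEPER,   # same bytecode redeployed at another address
    "0x" + "b1" * 20: WALLET,
}
ACCOUNT_CODE = {             # account address -> eth_getCode result
    "0x" + "01" * 20: "0xef0100" + "a1" * 20,
    "0x" + "02" * 20: "0xef0100" + "a2" * 20,
    "0x" + "03" * 20: "0xef0100" + "a1" * 20,
    "0x" + "04" * 20: "0xef0100" + "b1" * 20,
    "0x" + "05" * 20: "0x",      # no delegation set
}
```

Grouping by bytecode rather than by delegate address is what exposes copy-and-paste deployments: the two constructed sweeper addresses collapse into one cluster.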
