Ethereum’s latest Pectra upgrade was designed to make the network more user-friendly and efficient, but recent findings show it has also opened the door to new security threats that everyday users need to understand .
What’s New in Pectra?
The Pectra upgrade, which went live on May 7, 2025, is one of Ethereum’s most significant updates to date. It combines improvements from both the Prague execution layer and the Electra consensus layer, introducing 11 new Ethereum Improvement Proposals (EIPs) . Among these, EIP-7702 stands out for its focus on account abstraction. This feature allows regular wallets to temporarily act like smart contracts, enabling users to batch multiple actions, sponsor gas fees, use passkeys or social authentication, and set spending limits—all in a single transaction .
The Security Challenge: Automated Attacks on the Rise
While these features are meant to simplify crypto transactions, they have also made it easier for attackers to exploit unsuspecting users. According to a recent analysis by trading firm Wintermute, over 80% of EIP-7702 delegations have been used by automated “sweeper” scripts. These scripts, often copy-pasted and widely reused, are designed to drain wallets with compromised private keys by automatically transferring funds to the attacker .
One such malicious contract, nicknamed “CrimeEnjoyor,” has become the most common use case for EIP-7702 delegations. In a recent incident, a user lost nearly $150,000 in a phishing attack linked to this type of contract, as reported by blockchain security firm Scam Sniffer.
Why Is This Happening?
The core issue isn’t the upgrade itself, but the ongoing challenge of private key security. As security expert Taylor Monahan points out, “It’s not actually a 7702 issue, it’s the same issue crypto has had since day one: end users struggle to secure their private keys. 7702 just unlocks a bunch of cool abilities that make sweeping addresses more cost efficient and less tedious” .
What Can Users Do?
Security firms like SlowMist recommend that wallet providers quickly adapt to support EIP-7702 transactions and clearly display the target contract when users sign delegations. This transparency can help users spot suspicious activity before it’s too late. Meanwhile, users should remain vigilant, double-check transaction details, and never share their private keys .
The Bottom Line
Ethereum’s Pectra upgrade brings powerful new features, but also new risks. As the network evolves, so do the tactics of attackers. Staying informed and cautious is the best defense for anyone using Ethereum’s latest tools.
