Investors were stolen from all WLFI due to private key leakage, involving EIP-7702 phishing

Odaily Planet Daily News Slow Fog Security Researcher Cosine disclosed on the X platform that all the WLFIs obtained by an investor who participated in private equity were stolen due to the leakage of his private key. This attack is a typical EIP-7702 phishing exploit: the attacker pre-built a malicious mechanism in the victim's wallet address. Once the remaining tokens are attempted (such as WLFI deposited into Lockbox), the paid Gas will be automatically transferred away. The attacker then completed Gas injection, replaced malicious contracts and transferred tokens in the same block through a snatch operation, thereby achieving theft.