He explained:
“From the perspective of a phished user, it goes like this: the user opens a phishing website, a wallet signature prompt pops up, the user clicks confirm, and with just that one action, all valuable assets in the wallet address vanish in a snap.”
In principle, the delegation is revocable and network-specific. However, attackers have found ways to weaponize the feature in practice.
The firm pointed out that many of these contracts are simple copy-paste scripts that scan for vulnerable wallets and drain their holdings automatically.
Given this, Scam Sniffer and Xiang urged crypto users to take extra care before signing wallet requests. They recommended verifying domain names, avoiding rushed confirmations, and rejecting signatures that seem unclear or overly broad.
They also said that red flags include requests for unlimited token approvals, contract upgrades under EIP-7702, and transaction simulations that do not match expectations.
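Two of these red flags can be checked mechanically before a request is signed. The sketch below is an added example, not code from Scam Sniffer or Xiang. It assumes the pending request arrives as a JSON-RPC-style transaction dict, and it also flags `setApprovalForAll`, which goes slightly beyond the token approvals named above. The sample requests are constructed.

```python
MAX_UINT256 = 2**256 - 1
APPROVE = "095ea7b3"               # approve(address,uint256)
INCREASE_ALLOWANCE = "39509351"    # increaseAllowance(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # setApprovalForAll(address,bool)
SET_CODE_TX_TYPE = 0x04            # EIP-7702 "set code" transaction type


def _decode(data):
    """Split calldata into (selector, list of 32-byte argument words as ints)."""
    raw = (data[2:] if data.startswith("0x") else data).lower()
    selector, args = raw[:8], raw[8:]
    usable = len(args) - len(args) % 64  # ignore a trailing partial word
    return selector, [int(args[i:i + 64], 16) for i in range(0, usable, 64)]


def review_request(tx):
    """Return the red flags found in a pending wallet request (assumed dict shape)."""
    flags = []
    # Red flag: the request delegates the account to contract code (EIP-7702).
    if int(tx.get("type", "0x0"), 16) == SET_CODE_TX_TYPE or tx.get("authorizationList"):
        flags.append("eip7702-delegation")
    selector, words = _decode(tx.get("data") or "0x")
    # Red flag: allowance set to the maximum uint256, i.e. effectively unlimited.
    if selector in (APPROVE, INCREASE_ALLOWANCE) and len(words) >= 2 \
            and words[1] == MAX_UINT256:
        flags.append("unlimited-approval")
    # Red flag: operator rights over every token in a collection.
    if selector == SET_APPROVAL_FOR_ALL and len(words) >= 2 and words[1] == 1:
        flags.append("approval-for-all")
    return flags


# Constructed sample requests; the spender/delegate address is a placeholder.
SPENDER_WORD = "00" * 12 + "11" * 20
UNLIMITED = {"type": "0x2", "data": "0x" + APPROVE + SPENDER_WORD + "f" * 64}
BOUNDED = {"type": "0x2", "data": "0x" + APPROVE + SPENDER_WORD + format(10**18, "064x")}
DELEGATION = {"type": "0x4", "data": "0x",
              "authorizationList": [{"address": "0x" + "11" * 20}]}

if __name__ == "__main__":
    for name, tx in [("unlimited", UNLIMITED), ("bounded", BOUNDED),
                     ("delegation", DELEGATION)]:
        print(name, review_request(tx))
```

An empty result only means none of these specific patterns matched; it does not replace checking the domain and the transaction simulation.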