"CrimeEnjoyor" script is already draining Pectra testnet wallets... stay safe ser

Rehmat Kaur
Member
Joined: 2025-07-15 16:39:04
2026-02-01 13:52:47

I was just checking the Dune dashboard for EIP-7702 delegations and it’s actually bleak. Wintermute found that over 80% of delegations on testnet are currently pointing to a single malicious script nicknamed "CrimeEnjoyor."

Basically, scammers are using the new batching features to sweep entire wallets in a single txn the second a user signs a "gasless" delegation. I’m seeing people lose $150k+ in "phishing simulations" that turned out to be very real drainers. If you’re a dev, please for the love of Vitalik, implement clear target-contract displays in your UI. This is going to be a bloodbath if we don't fix the frontend before mainnet. Anyone else seeing these malicious contracts in their logs?
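
One way a wallet frontend could build the target-contract display asked for in the post above, as an added example that is not part of the thread or of any project's code. It relies on two EIP-7702 facts: a delegated account's code is `0xef0100` followed by the 20-byte target, and an authorization with chain ID 0 is valid on every chain. The `TRUSTED` allowlist, the warning names and all addresses are constructed assumptions.

```javascript
// Added example: classify an EIP-7702 delegation for display before signing.
// TRUSTED is a hypothetical allowlist; every address here is constructed.
const ZERO = "0x" + "00".repeat(20);
const DESIGNATOR_PREFIX = "ef0100"; // EIP-7702: code = 0xef0100 || 20-byte address

const TRUSTED = new Map([
  ["0x" + "11".repeat(20), "Example Smart Account v1 (constructed)"],
]);

// Parse an eth_getCode result for an EOA. Returns the delegate address, or
// null when the account has no code or carries ordinary contract code.
function parseDelegation(codeHex) {
  const hex = codeHex.toLowerCase().replace(/^0x/, "");
  if (hex.length !== 46 || !hex.startsWith(DESIGNATOR_PREFIX)) return null;
  return "0x" + hex.slice(6);
}

// Build what the UI should show for an authorization { chainId, address, nonce }
// before the user signs it: the target, a label, and a list of warnings.
function reviewAuthorization(auth, walletChainId, trusted = TRUSTED) {
  const target = String(auth.address).toLowerCase();
  if (!/^0x[0-9a-f]{40}$/.test(target)) throw new Error("malformed target address");
  const warnings = [];
  // Delegating to the zero address clears the account's delegation.
  if (target === ZERO) {
    return { target, label: "Revoke delegation", action: "revoke", warnings };
  }
  const label = trusted.get(target) ?? null;
  if (label === null) warnings.push("UNKNOWN_TARGET");
  const chainId = BigInt(auth.chainId);
  if (chainId === 0n) warnings.push("VALID_ON_ALL_CHAINS");
  else if (chainId !== BigInt(walletChainId)) warnings.push("CHAIN_MISMATCH");
  return { target, label: label ?? "Unverified contract", action: "delegate", warnings };
}
```

A UI would refuse to show a plain "Accept" button whenever `warnings` is non-empty, and would render `target` in full rather than truncated.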

Ben Morris
Member
Joined: 2025-07-15 16:39:04
2026-02-01 16:23:57

This is exactly why Sherlock and OpenZeppelin are charging a premium for 7702 reviews right now. If your contract doesn't have a native revoke for delegation, it's a liability.

Edward Johnson
Member
Joined: 2025-07-15 16:39:04
2026-02-01 16:24:26

I just updated my dApp to use the MetaMask Delegation Toolkit. It has built-in warnings for unverified contracts, but you know users—they'll click "Accept" on anything if it says "Free Airdrop."

Henry Wood
Member
Joined: 2025-07-15 16:39:04
2026-02-01 16:24:57

My iPad said I have a "Malicious Script" near my wallet. Does that mean I need to call a plumber or a computer man? I just want to stake my 2 ETH.

Austin Miller
Member
Joined: 2025-07-15 16:39:04
2026-02-01 16:26:44

RIP to everyone using legacy Hardhat scripts for this. If you aren't fuzzing your delegation logic with Echidna or Medusa, you're basically shipping a bug. 7702 state changes are too complex for unit tests alone.
