BTC $62,206.74 -3.06%
ETH $1,772.24 -2.63%
BNB $565.51 -2.39%
XRP $1.06 -3.01%
SOL $75.12 -3.17%
TRX $0.3256 -1.76%
DOGE $0.0717 -2.42%
ADA $0.1580 -3.81%
BCH $235.88 -4.36%
LINK $7.89 -2.17%
HYPE $63.57 -6.77%
AAVE $94.71 -3.77%
SUI $0.7204 -2.81%
XLM $0.1818 -4.16%
ZEC $504.08 -6.41%
BTC $62,206.74 -3.06%
ETH $1,772.24 -2.63%
BNB $565.51 -2.39%
XRP $1.06 -3.01%
SOL $75.12 -3.17%
TRX $0.3256 -1.76%
DOGE $0.0717 -2.42%
ADA $0.1580 -3.81%
BCH $235.88 -4.36%
LINK $7.89 -2.17%
HYPE $63.57 -6.77%
AAVE $94.71 -3.77%
SUI $0.7204 -2.81%
XLM $0.1818 -4.16%
ZEC $504.08 -6.41%

慢雾:EIP-7702 账户漏洞遭利用,1,988.5 枚 QNT 被盗

2026-04-29 12:10:45
收藏

ChainCatcher 消息,据市场消息,攻击者利用一个存在缺陷的 EIP-7702 账户,从 QNT 储备池盗取 1,988.5 枚 QNT(约合 54.93 枚 ETH)。根本原因在于,该储备池管理员 EOA 通过 EIP-7702 将代码委托给 BatchExecutor 合约,而该合约将无权限控制的 BatchCall 合约设为授权调用方。

由于 BatchCall.batch() 函数未设置任何权限校验,任意外部调用者均可调用,最终导致储备池资产被耗尽。

app_icon
ChainCatcher 与创新者共建Web3世界