
Holders of Trump’s Crypto Token Targeted by Hackers in Phishing Exploit

coindesk.com, 02 September 2025 08:21 UTC

Falling prices aren’t the only losses World Liberty Financial ($WLFI) holders are facing just a day after the token went live for trading.

Hackers are apparently exploiting a loophole tied to Ethereum’s recent Pectra upgrade, draining $WLFI tokens through what security firms are calling a “classic EIP-7702 phishing exploit.”

$WLFI, the Donald Trump–linked governance token that began trading Monday with a 24.6 billion supply, anchors an ecosystem of branded cards and payment services. After climbing as high as 33.13 cents following its trading debut, the $WLFI price has dropped to 24.27 cents, CoinGecko data show.

The attack vector can be traced back to EIP-7702, a feature introduced in May that enables regular wallets to function like smart contract wallets for batch transactions.

While meant to improve user experience, it has become a double-edged sword as attackers can plant a malicious delegate contract inside a compromised wallet. When the victim then deposits $ETH or tokens, the contract automatically routes the funds to hacker-controlled addresses.
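A defensive check for the condition described above, added here as an example and not taken from the article or from SlowMist: under EIP-7702 a delegated wallet's code is the 23-byte value `0xef0100` followed by the delegate's address, so the `eth_getCode` result for a wallet shows whether a delegate has been planted. The function names, sample addresses, code values and allowlist are constructed for illustration.

```python
import json

# EIP-7702 delegation indicator: a delegated EOA's code is 0xef0100 || 20-byte address.
DELEGATION_PREFIX = bytes.fromhex("ef0100")


def get_code_request(address, request_id=1):
    """Build the JSON-RPC body that fetches an account's code from a node."""
    return json.dumps({"jsonrpc": "2.0", "id": request_id,
                       "method": "eth_getCode", "params": [address, "latest"]})


def classify_account_code(code_hex, trusted_delegates=frozenset()):
    """Classify the hex string returned by eth_getCode (hypothetical helper)."""
    raw = code_hex.lower()
    code = bytes.fromhex(raw[2:] if raw.startswith("0x") else raw)
    if not code:
        return {"kind": "eoa", "delegate": None, "alert": False}
    if len(code) == 23 and code.startswith(DELEGATION_PREFIX):
        delegate = "0x" + code[3:].hex()
        trusted = delegate in {a.lower() for a in trusted_delegates}
        # A delegate the owner did not knowingly authorize is the warning sign.
        return {"kind": "delegated", "delegate": delegate, "alert": not trusted}
    return {"kind": "contract", "delegate": None, "alert": False}


def audit_wallets(code_by_address, trusted_delegates=frozenset()):
    """Return (wallet, delegate) pairs whose delegate is not allowlisted."""
    findings = []
    for wallet, code_hex in code_by_address.items():
        result = classify_account_code(code_hex, trusted_delegates)
        if result["alert"]:
            findings.append((wallet, result["delegate"]))
    return findings


# Constructed eth_getCode results, keyed by constructed wallet addresses.
SAMPLE_CODES = {
    "0x" + "11" * 20: "0x",                     # plain wallet, no code
    "0x" + "22" * 20: "0xef0100" + "aa" * 20,   # delegated to unknown contract
    "0x" + "33" * 20: "0xEF0100" + "bb" * 20,   # delegated to allowlisted contract
    "0x" + "44" * 20: "0x6080604052",           # ordinary contract bytecode
}
TRUSTED_DELEGATES = {"0x" + "bb" * 20}          # constructed allowlist

if __name__ == "__main__":
    for wallet, delegate in audit_wallets(SAMPLE_CODES, TRUSTED_DELEGATES):
        print(f"ALERT {wallet} delegates to unrecognized contract {delegate}")
```

Because the article notes that a leaked private key is the typical entry point, an alert here means the key should be treated as compromised, not just the delegation.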

SlowMist founder Yu Xian flagged the issue on Monday, saying multiple $WLFI wallets were drained using the method.

“As soon as you try to transfer away the remaining tokens … the gas you input will be automatically transferred away,” he warned, noting that private key leaks, often through phishing sites, are the typical entry point.

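Ran into another case where a player had $WLFI stolen from multiple addresses. I looked at the theft technique, and it is again abuse of a malicious 7702 delegate contract; the precondition is also a private key leak. The hacker plants a malicious 7702 delegate address on the target wallet address in advance, then transfers away all the $ETH and valuable tokens (here, for example, $WLFI) from the target address, leaving not a scrap behind. If the user transfers in $ETH as… https://t.co/YyVvMPwaGM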

— Cos(余弦)😶‍🌫️ (@evilcos) September 1, 2025

Users in $WLFI forums describe attempts to rescue their allocations. One investor said they managed to move only 20% of their tokens to a new wallet, with the rest still trapped in a compromised address.

The exploit adds to a rash of scams surrounding the start of trading. Analytics firm Bubblemaps flagged “bundled clones” imitating $WLFI contracts, while phishing links have circulated on Telegram and X.
