Hackers Target Investors of Trump-Affiliated Crypto Token in Online Scam

Hackers Exploit Ethereum Vulnerability to Target Trump-Linked WLFI Token

Just a day after its trading debut, World Liberty Financial (WLFI) holders are facing attacks exploiting a loophole in Ethereum’s recent Pectra upgrade. Security experts have classified the breach as a “classic EIP-7702 phishing exploit.”

WLFI, the Donald Trump–linked governance token, launched Monday with a total supply of 24.6 billion and underpins an ecosystem of branded payment cards and services. After initially rising to 33.13 cents, the token has fallen to 24.27 cents, according to CoinGecko.

The exploit leverages EIP-7702, which allows standard wallets to operate like smart contract wallets for batch transactions. Hackers can embed malicious delegate contracts into compromised wallets, automatically routing deposited ETH or tokens to their own addresses.

SlowMist founder Yu Xian confirmed multiple WLFI wallets were affected. “Even attempting to transfer remaining tokens can trigger automatic loss of gas fees,” he warned, highlighting phishing sites as the primary method of key compromise.

Investors are scrambling to recover funds. One holder reported salvaging only 20% of their tokens, leaving the majority trapped in compromised wallets.

The incident adds to a surge of scams following WLFI’s launch. Analytics firm Bubblemaps flagged “bundled clones” mimicking WLFI contracts, while phishing links continue circulating on Telegram and X.