Rewards Hub GoPlus has issued a security alert regarding a suspected theft involving the x402 cross-chain protocol, known as @402bridge. The contract creator, identified by the address starting with 0xed1A, transferred ownership to 0x2b8F. The new owner exploited the transferUserToken method to move all remaining USDC from user wallets that had authorized the contract. This incident affected over 200 users, resulting in the unauthorized transfer of 17,693 USDC, which was subsequently converted to ETH and moved to Arbitrum via multiple cross-chain transactions.
Users are advised to immediately revoke any authorizations related to the project. GoPlus emphasizes the importance of verifying that authorization addresses are official, authorizing only necessary amounts, and avoiding unlimited authorizations. Regular checks and cancellations of unnecessary authorizations are also recommended to prevent similar incidents.
GoPlus Alerts Users of x402 Cross-Chain Protocol Theft
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.