GoPlus: 402bridge Suspected of Theft, Over 200 Users Have USDC Stolen Due to Overauthorization

BlockBeats News, October 28th, the official GoPlus announcement on social media stated that the x402 cross-chain protocol 402bridge was suspected of being stolen. The contract creator transferred ownership to an address starting with 0x2b8F, and then the new contract owner called the transferUserToken method in the contract to transfer all remaining USDC authorized by users' wallets.

Reportedly, due to the need to authorize USDC to the 402bridge contract before minting, over 200 users had their remaining USDC transferred away due to authorizing an excessive amount. The address starting with 0x2b8F9 transferred a total of 17693 USDC from users and then swapped the USDC for ETH, which was subsequently transferred across multiple chains to Arbitrum.

GoPlus recommends that users who participated in the project promptly revoke (0xed1AFc4DCfb39b9ab9d67f3f7f7d02803cEA9FC5) the relevant authorizations. Before authorizing, check if the authorization address is the official address of the project. Only authorize the required amount and avoid unlimited authorizations. Regularly check authorizations and revoke those that are no longer needed.