GoPlus: x402 cross-chain protocol @402bridge suspected of being hacked, users are advised not to over-authorize

Jinse Finance reported that the GoPlus Chinese community has issued a security alert: the x402 cross-chain protocol @402bridge is suspected of being hacked. The creator of the contract starting with 0xed1A transferred ownership to the 0x2b8F address, after which the new owner used the contract's transfer User Token method to transfer all remaining USDC from authorized user wallets. Before minting, users had to authorize USDC to the @402bridge contract, resulting in over 200 users losing their remaining USDC due to over-authorization. The 0x2b8F address transferred a total of 17,693 USDC from users, then swapped the USDC for ETH and conducted multiple cross-chain transactions to Arbitrum. Users who have participated in this project are advised to revoke related authorizations as soon as possible. Users are reminded to check whether the authorization address is the official address of the project before granting authorization, only authorize the required amount, and never grant unlimited authorization. Also, regularly check and revoke unnecessary authorizations.