402bridge: Both the team test wallet and the main wallet were also attacked

Foresight News reported that 402bridge tweeted, "Due to this private key leak, more than a dozen of the team's test wallets and main wallets have also been attacked. We have promptly reported this incident to law enforcement authorities and will keep the community updated as the investigation progresses."

According to a previous report by Foresight News, GoPlus tweeted that the x402 cross-chain protocol 402bridge was suspected of being hacked. The contract creator transferred ownership to an address starting with 0x2b8F, after which the new contract owner called the transferUserToken method in the contract to transfer all remaining USDC from authorized user wallets. Since users must authorize USDC to the 402bridge contract before minting, more than 200 users had their remaining USDC transferred due to over-authorizing. The address starting with 0x2b8F9 transferred a total of 17,693 USDC from users, then swapped the USDC for ETH and bridged it to Arbitrum through multiple cross-chain transactions. GoPlus advises users who have participated in this project to revoke the relevant authorization (0xed1AFc4DCfb39b9ab9d67f3f7f7d02803cEA9FC5) as soon as possible. Before authorizing, check whether the authorization address is the official address of the project you are interacting with, only authorize the required amount, and never grant unlimited authorization.