Security firm PeckShieldAlert has reported a hack of the recently launched 402Bridge, resulting in the theft of approximately $17,000 in USDC. The attack impacted over 200 users. This occurred shortly after the x402 payment protocol began gaining popularity within the crypto community.
News of the security breach spread rapidly throughout the crypto world, and security companies immediately advised users to cancel any permissions they had granted to the affected digital address. PeckShieldAlert reported on X (formerly Twitter) that 402bridge was hacked, with approximately $17,000 worth of USDC stolen, and urged anyone who had authorized transactions with the address 0xed..9FC5 to revoke that authorization.
Security researchers at PeckShield have detected a security breach at 402bridge, resulting in the theft of approximately $17,000 in USDC. If you have used this bridge, please revoke any permissions you’ve granted to the address 0xed1AFc4DCfb39b9ab9d67f3f7f7d02803cEA9FC5 as a precaution.
— PeckShieldAlert (@PeckShieldAlert) October 28, 2025
Private key exposure behind the exploit
The team at 402Bridge explained the recent attack happened because of a fundamental flaw in how their system was designed. According to a post on X, the process requires users to approve transactions through the website, which are then sent to a server. This server uses a special key to manage the system, and because it was connected to the internet, it unintentionally gave attackers administrative control.
This situation potentially enabled hackers to steal the private key and redirect users’ money. According to Cos, the founder of Slowmist, the hacker’s wallet address (‘0x2b8F’) initially took around $17,693 in USDC, which was then exchanged for 4.2 ETH. The hacker subsequently transferred the stolen ETH to Arbitrum using multiple transactions, making recovery extremely difficult.
It appears the owner of the @402bridge contract was changed due to a likely private key compromise. While not a typical rug pull, the possibility of an inside job is being considered (this doesn’t mean the entire project team is involved). The service stopped running just two days after registration, and an address – 0x2b8F95560b5f1d1a439dd4d150b28FAE2B6B361F – is suspected of being involved.
— Cos(余弦)😶🌫️ (@evilcos) October 28, 2025
Security warnings and industry reactions
Following a recent security breach, GoPlus Security, a Web3 security firm, advised users to revoke any permissions they had granted to 402Bridge. They stressed the importance of verifying the project’s official contract addresses before authorizing any transactions. Security experts also recommended approving only small transaction amounts and regularly checking wallet permissions as a safety precaution.
The x402 protocol gained attention this week by enabling instant payments using the HTTP 402 system. It processed over 932,000 transactions in the week ending October 20, 2025, demonstrating rapid growth before a recent security breach halted its progress.
This incident highlights the risks of poorly secured private keys. Developers need to prioritize stronger security measures, and users should be cautious about what they authorize and maintain full control of their wallets.
Read More
- ETC PREDICTION. ETC cryptocurrency
- AAVE PREDICTION. AAVE cryptocurrency
- SKY PREDICTION. SKY cryptocurrency
- GBP CHF PREDICTION
- CNY JPY PREDICTION
- USD CAD PREDICTION
- QNT PREDICTION. QNT cryptocurrency
- EUR GBP PREDICTION
- ETH PREDICTION. ETH cryptocurrency
- SOL PREDICTION. SOL cryptocurrency
2025-10-28 13:49