- The cross-layer protocol 402bridge was hacked, resulting in a loss of $17,000 in USDC tokens.
- The attack impacted 227 users within 28 minutes due to leaked private keys.
- The leak also compromised over a dozen of 402bridge’s test and main wallets.
- Experts suggest the hack might involve internal sabotage but do not claim it was a typical rug pull.
- x402, the underlying AI-powered payment protocol developed by Coinbase, enables account-free payments for digital services.
The cross-layer payment protocol 402bridge suffered a security breach that led to the theft of approximately $17,000 in USDC stablecoins. The incident affected over 200 users who had authorized the contract to spend their funds. The attack was reported on October 28, 2025.
According to crypto analytics firm PeckShield, the hack compromised 227 users within just 28 minutes. The breach occurred after the private keys linked to 402bridge’s contract were leaked, allowing hackers to take control, transfer ownership, and drain user funds. 402bridge confirmed that more than a dozen of its test and main wallets were also compromised due to the private key exposure.
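The pattern described above (an ownership change followed by many approvers being drained in a short window) is something a monitoring job can alert on. The following is an added example, not code from PeckShield, 402bridge or Coinbase; the event schema, account labels, window and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

WINDOW_S = 30 * 60   # assumed look-ahead window after an ownership change
MIN_PAYERS = 5       # assumed alert threshold: distinct approvers drained

# Constructed sample events (not real chain data); "t" is seconds.
EVENTS = [
    {"t": 0, "kind": "transfer_from", "spender": "bridge",
     "src": "u0", "dst": "merchant", "amount": 2},
    {"t": 100, "kind": "ownership_transferred",
     "contract": "bridge", "new_owner": "x1"},
    *[{"t": 110 + 10 * i, "kind": "transfer_from", "spender": "bridge",
       "src": f"u{i}", "dst": "x1", "amount": 50 + i} for i in range(1, 8)],
    {"t": 5000, "kind": "transfer_from", "spender": "bridge",
     "src": "u9", "dst": "x1", "amount": 10},
    {"t": 200, "kind": "ownership_transferred",
     "contract": "other", "new_owner": "y1"},
    {"t": 210, "kind": "transfer_from", "spender": "other",
     "src": "u1", "dst": "shop", "amount": 3},
]

def find_drains(events, window_s=WINDOW_S, min_payers=MIN_PAYERS):
    """Flag contracts whose user allowances are swept after an owner change."""
    events = sorted(events, key=lambda e: e["t"])
    alerts = []
    for change in (e for e in events if e["kind"] == "ownership_transferred"):
        # Group allowance-based pulls made through this contract by recipient.
        per_dst = defaultdict(lambda: {"payers": set(), "total": 0})
        for e in events:
            if (e["kind"] == "transfer_from"
                    and e["spender"] == change["contract"]
                    and change["t"] <= e["t"] <= change["t"] + window_s):
                per_dst[e["dst"]]["payers"].add(e["src"])
                per_dst[e["dst"]]["total"] += e["amount"]
        for dst, agg in per_dst.items():
            if len(agg["payers"]) >= min_payers:
                alerts.append({"contract": change["contract"], "recipient": dst,
                               "payers": len(agg["payers"]), "total": agg["total"],
                               "to_new_owner": dst == change["new_owner"]})
    return alerts

if __name__ == "__main__":
    for alert in find_drains(EVENTS):
        print(alert)
```
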
A pseudonymous user known as “Ye in Web3” said on X (formerly Twitter) that the private keys were leaked soon after contract deployment. They also expressed suspicion that the event might be a coordinated rug pull by the team behind 402bridge, questioning the legitimacy of the provided evidence and the contract’s design allowing funds to be drained. In response, 402bridge stated on X that it has reported the incident to law enforcement and is investigating the attack.
The founder of crypto security company SlowMist, Yu Xian, commented that “internal sabotage cannot be ruled out”. Xian noted a red flag that 402bridge had experienced a theft just two days after its registration. However, he clarified that this incident does not suggest wrongdoing by the entire team and does not fit the pattern of a typical rug pull.
402bridge is built on the x402 protocol, created earlier this year by Coinbase. x402 enables AI agents and human users to make payments without needing an account or authentication. The protocol’s name is inspired by the HTTP 402 status code, which signals “payment required.” Although the original HTTP 402 was rarely used, Coinbase revived it to support future microtransaction systems. The x402 protocol supports various applications such as paying per API request, allowing AI agents to autonomously purchase API access, paywalls for digital content, and monetizing microservices through small payments.
Separately, x402’s payment concept gained traction recently as OpenAI integrated PayPal for transactions within its ChatGPT AI software, allowing users to purchase goods and services directly through the platform using a linked PayPal wallet.
For further details, see PeckShield’s alert and 402bridge’s statement.
