The post Abstract Chain users have been compromised, most likely linked to Cardex app appeared on BitcoinEthereumNews.com.

Multiple users have been compromised on Abstract Chain, an EVM-compatible L2 solution, though the issue was limited to specific wallets. Abstract Chain says its platform remains secure, and no network-wide issue has been noticed. Abstract Chain users with exposure to the Cardex app may be individually affected, as noticed by on-chain investigators.  The Abstract Chain team confirmed that the network is secure and that no attacks occurred on any wallets. The team tracked the problem to a specific app. We are aware of some Abstract users being compromised and want to assure everyone it is not a network wide Abstract Global Wallet (AGW) issue. This issue seems to be isolated to an app (seems to be Cardex, please do not interact for the time being), we are working to get to the… — 0xBeans (@0x_Beans) February 18, 2025 They did not announce the amount of drained funds and aim to keep the vulnerability a secret to prevent further losses. Cardex went live on the Abstract Chain after February 12 and has already met with the first problem of the partnership. Cardex is a collectible and gaming app, currently running an active tournament, which may have exposed more wallets. Amid the chaos, users have suggested activating 2FA for all Abstract Chain accounts.  Abstract Chain wallet affects other wallets and accounts Some Abstract users noted all types of wallets were drained, not only those that engaged with Cardex. Web3 investigators also identified the attack as a ‘first session key hack’. A malicious session that connected the wallet to an app gave the exploiter access to all wallets for a month.  Currently investing the “first session keys hack” on @AbstractChain. Sent relevant info to the team ! This malicious SC :0xee580828b426b6cc33817bCE419DaF65a516aA7e got users rights from a session keys signature giving full rights on…

---

Filed under: News - @ February 18, 2025 8:25 pm