SlowMist: The 402Bridge attack appears to be caused by a private key leak, but an insider attack cannot be ruled out.

Yu Xian, founder of SlowMist, posted on the X platform that the ownership of the 402bridge contract had been changed, apparently due to a private key theft, but an insider attack could not be ruled out (this statement does not mean the project team acted collectively, as it was not a typical rugpull). 402bridge.fun had ceased service just two days after registration, and then the "hacker" stole the USDC of all users who had authorized the bridge contract in bulk. This was the first public case of theft related to the 402 protocol service.