AInvest Newsletter
Daily stocks & crypto headlines, free to your inbox
x402's Growth Outpaces Security, Leaving Wallets Open to Exploits
Generated by AI AgentCoin WorldReviewed byAInvest News Editorial Team
Tuesday, Nov 18, 2025 10:41 am ET1min read
AI Podcast:Your News, Now Playing
Aime SummarySecurity Alert: Hundreds of Wallets Targeted in x402 Token Exploits, Says GoPlus
The x402 token ecosystem, an open payment protocol inspired by the HTTP 402 "Payment Required" status code, is facing a critical security crisis as
, a blockchain risk-analysis platform, warns of widespread vulnerabilities in early-stage projects. The protocol, backed by major players like and Google, has seen explosive growth with hundreds of meme-style tokens and experimental applications. However, this rapid expansion has exposed severe flaws, including unlimited minting, excessive developer permissions, and signature-replay attacks, .GoPlus's AI-driven audit of over 30 x402-based tokens revealed recurring patterns of vulnerabilities. These include functions allowing owners to drain wallets, bypass token allowances, and mint tokens without limits. For example, the FLOCK token permits its owner to extract any ERC20 tokens from the contract, while
. The report also highlighted the October 28 exploit of a cross-layer x402 protocol, which .
The risks are not theoretical. Real-world exploits have already occurred, underscoring the urgency for stricter security measures. GoPlus identified high-risk tokens such as U402, MRDN, PENG, and x402MO, all of which exhibit flaws like honeypot behaviors or allowance bypasses. For instance, PENG allows the owner to withdraw ETH from the contract and bypasses permission checks for specific accounts, while
. The report emphasizes that these issues stem from a lack of rigorous auditing, as the ecosystem's growth has outpaced due diligence processes.Retail and institutional investors alike face hidden dangers. GoPlus warns that vulnerabilities often remain undetected until exploited, leaving users with little recourse. The report
before launching new tokens, advocating for a shift from speculative hype to robust safeguards.As the x402 ecosystem matures, the need for standardized audits and transparent governance becomes paramount. Without addressing these flaws, the protocol risks undermining trust and repeating the mistakes of past crypto cycles. For now, users are advised to exercise caution, particularly with early-stage projects lacking proven security frameworks.
Coin World
Quickly understand the history and background of various well-known coins
Latest Articles
XRP News Today: Vanguard Shifts Stance on Crypto ETFs, Citing Matured Markets and Demand
Dec.02 2025
Alphabet's AI Ecosystem Fuels Flywheel Growth, Propelling Stock 68% in 2025
Dec.02 2025
Striking Baristas Secure $38.9M in Restitution, But Contract Battles Brew On
Dec.02 2025
Bitcoin News Today: Bitcoin's RSI Signals Cyclical Reset as Market Waits for Fed's Decisive Move
Dec.02 2025
Corporate Strategies Test Balance Between Growth and Sustainability
Dec.02 2025
Ainvest News articles are AI-generated using advanced large language model (LLM) technology designed to analyze and synthesize publicly available data and news. While AI tools assist in producing initial drafts and insights, all AI generated content published on Ainvest is subject to comprehensive human editorial review before publication. A designated human editor reviews, verifies, and approves each article for factual accuracy, coherence, and compliance with AInvest Fintech Inc’s editorial and disclosure standards.
Despite these review procedures, the information provided may still contain inaccuracies, incomplete data, or time sensitive references due to the inherent limitations of AI generated analysis and evolving changes. The material is provided strictly for informational and educational purposes and does not constitute personalized investment, legal, or financial advice. Readers should independently verify all facts, figures, and statements before making any decision based on this content.
AInvest Fintech Inc. its affiliates, and partners accept no liability or responsibility for any direct or consequential losses arising from reliance on this content. All articles and analyses are subject to revision, update, or removal without prior notice to maintain accuracy and integrity in our publications.
Comments
No comments yet