Abstract: The Cardex hacking incident was caused by the team accidentally exposing the private key of the session signer, resulting in a loss of approximately $400000

According to the official report of the second layer network Abstract, its ecosystem application Cardex has suffered a security vulnerability attack. The cause of the accident was that the Cardex team accidentally exposed the private key of the session signer on the front-end of their website after completing a preliminary security audit. This vulnerability allows attackers to initiate transactions on any wallet with authorized session keys, resulting in approximately $400000 in token losses. Abstract stated that this vulnerability is limited to the third-party application Cardex and does not affect the Abstract Global Wallet (AGW) or the Abstract network itself. The official recommends that users regularly revoke the authorization of applications and tokens in their wallets to prevent potential risks.