GoPlus Security Alert: User Loses $200,000 in Permit/Approve Phishing Attack

Chainthink

Release Time: 03/20/2026 03:02:33

Summary

GoPlus reported a $200,000 theft after a user signed malicious Permit and Approve transactions on March 20, 2026. On-chain data shows the attacker drained USDC and wmtUSDT from an address starting with 0x9709. The incident underscores the importance of users verifying contract addresses and transaction details. As altcoins to watch gain traction, such security risks remain a key concern for traders and investors.

ChainThink reports that on March 20, GoPlus security monitoring detected a malicious Permit and Approve transaction signed by an address starting with 0x9709, resulting in approximately $200,000 in USDC and wmtUSDT being stolen by phishers.

GoPlus advises users to carefully review transaction details and contract addresses when signing any on-chain approval or offline permit request, to avoid signing malicious requests from unknown sources and prevent asset theft.

Source:Show original

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.