DeFi Asset Management Platform Zapper Reveals Vulnerabilities in Old “Polygon Bridge” Contract

Officially, DeFi asset management platform Zapper tweeted that a vulnerability was found in an older version of the “Polygon Bridge” smart contract that allowed an attacker to steal unlimited approved funds, and that Zapper said it had moved all funds from the older smart contract and would release information about the incident as soon as possible. Zapper reminds users that if they have previously approved unlimited funds for “Polygon Bridge”, they will see a revocation alert on Zapper, and if they do not see the alert, they are not affected by the vulnerability. Zapper says that current Polygon Bridge smart contracts are free of the vulnerability and that only older versions of Polygon Bridge are affected.