Request Finance releases attack incident report

According to the report of the integrated financial platform RequestFinance attack incident, only one user was affected by this incident. The attacker hacked into the RequestFinance front-end system on September 10, injecting authorization instructions into a contract that seems to be the same (name, address, part of ABI interface, recent activities). When the victim pays, not only transfers money to the normal contract, but also authorizes the contract to consume unlimited USDC. The team has implemented additional protection mechanisms and monitoring measures.