CertiK: An attacker exploited a smart contract vulnerability to steal approximately $5.87 million in pre-authorized funds.

According to CertiK Alert, an attacker stole approximately $5.87 million. The attacker exploited a public function to register as an AllowedOrderSigner and then executed orders to transfer pre-approved funds from victims’ addresses. CertiK urges users to immediately revoke approvals for the vulnerable contract and remain vigilant.