According to the team of cross-chain protocol Socket, the project has lost $3.3 million as a result of an attack.
They have said:
"Socket has experienced a security incident which affected wallets with infinite approvals to Socket contracts. We have identified the issue & have paused the affected contracts."
The developers have asked users to revoke all approvals for security reasons.
The exploit was reportedly first discovered by researcher Spreek, who also advised revoking approvals. He also asked users to be careful and use only verified links.
According to the researcher, the attacker used a token approval of an Ethereum address ending in 97a5 to carry out the exploit.