Another day, another exploit

Once again, an exploit has led to stolen crypto — this time on the Abstract blockchain.

My first thought, as usual, was relief that I keep most of my savings in Bitcoin — which I’ve always considered far more secure than other cryptocurrencies.

However, the developers of Abstract clarified that the breach was not due to their blockchain or wallet but rather to a gaming app called Cardex. If you’ve ever interacted with Cardex, revoke your sessions immediately at the following link: https://revoke.abs.xyz.

Okay, attacks like this are a stark reminder: blockchain security alone isn’t enough. Stay proactive:

• Review wallet permissions regularly: Most crypto wallets let you manage active approvals for third-party apps. Audit these settings often and revoke access to anything you don’t use daily.
• Separate funds: Avoid keeping large sums in wallets you use for frequent transactions or app logins.

And here’s a reality check for me: even Bitcoin isn’t immune. SatoshiLabs has warned that attackers are exploiting vulnerabilities in older versions of Lightning Network node software (the layer used for fast, low-cost Bitcoin micropayments). Funds are at risk if users haven’t updated their software. (Yes, Lightning wallets can also be used for app logins — another reason to stay vigilant.)

Moral of the story? Never grant unnecessary permissions. At Rabbit Swap, we enforce this principle rigorously: when you exchange crypto on rabbit.io, you simply send funds directly to a generated address. No wallet connections, no signature-based logins, no asset approvals. Full control stays with you.