Stablecoin protocol USPD suffers major security breach, with losses of approximately $1 million
According to ChainCatcher, market sources report that the stablecoin project USPD has suffered a major security vulnerability, resulting in a loss of approximately $1 million. The USPD official team confirmed that the protocol was exploited, with the attacker minting tokens without authorization and draining liquidity. The team urgently reminds users to immediately revoke all token approvals to the USPD contract.
The USPD protocol confirmed it was attacked by "CPIMP". During the deployment phase, the attacker used Multicall3 to preemptively initialize the proxy, seize admin rights, and disguise themselves as an audited implementation contract. The team stated that the issue was not a contract logic vulnerability; after being concealed for several months, the attacker upgraded the proxy, minted about 98M USPD, and transferred approximately 232 stETH. USPD has requested users to immediately revoke all approvals and has published the attacker addresses: 0x7C97…9d83 (Infector), 0x0833…215A (Drainer). They are cooperating with law enforcement and white hats to track the attackers and have promised a 10% bounty for the return of any recoverable funds.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
BTC treasury company Stacking Sats Inc discloses holding 25.69 BTC
A certain whale staked 24,000 ETH, worth $75.94 million
Bunni attacker address deposits 2,295.8 ETH into TornadoCash
Cloudflare control panel and Cloudflare API services are experiencing issues
Trending news
MoreCrypto prices
More
