PANews reported on December 5th that, according to PeckShieldAlert, the stablecoin project USPD suffered a major security vulnerability, resulting in a loss of approximately $1 million. USPD officials confirmed that the protocol was exploited, with attackers minting tokens without authorization and draining liquidity. The official team urgently advised users to immediately revoke all token authorizations for the USPD contract. The USPD protocol has been confirmed to have been attacked by the "CPIMP" attack. During the deployment phase, the attacker used Multicall3 to preemptively initialize the proxy, seize administrator privileges, and impersonate an audited contract implementation. The official statement claims the logic is not a contract vulnerability; the attacker had been concealed for several months before upgrading the proxy, minting approximately 98M USPD, and transferring approximately 232 stETH. USPD has demanded that users immediately revoke all authorizations and has published the attack addresses: 0x7C97…9d83 (Infector) and 0x0833…215A (Drainer). They are cooperating with law enforcement and white-hat hackers to track down the attacker and have promised a 10% bounty for their return.PANews reported on December 5th that, according to PeckShieldAlert, the stablecoin project USPD suffered a major security vulnerability, resulting in a loss of approximately $1 million. USPD officials confirmed that the protocol was exploited, with attackers minting tokens without authorization and draining liquidity. The official team urgently advised users to immediately revoke all token authorizations for the USPD contract. The USPD protocol has been confirmed to have been attacked by the "CPIMP" attack. During the deployment phase, the attacker used Multicall3 to preemptively initialize the proxy, seize administrator privileges, and impersonate an audited contract implementation. The official statement claims the logic is not a contract vulnerability; the attacker had been concealed for several months before upgrading the proxy, minting approximately 98M USPD, and transferring approximately 232 stETH. USPD has demanded that users immediately revoke all authorizations and has published the attack addresses: 0x7C97…9d83 (Infector) and 0x0833…215A (Drainer). They are cooperating with law enforcement and white-hat hackers to track down the attacker and have promised a 10% bounty for their return.
Stablecoin protocol USPD suffered a loss of approximately $1 million due to the "CPIMP" attack.
For feedback or concerns regarding this content, please contact us at [email protected]
PANews reported on December 5th that, according to PeckShieldAlert, the stablecoin project USPD suffered a major security vulnerability, resulting in a loss of approximately $1 million. USPD officials confirmed that the protocol was exploited, with attackers minting tokens without authorization and draining liquidity. The official team urgently advised users to immediately revoke all token authorizations for the USPD contract.
The USPD protocol has been confirmed to have been attacked by the "CPIMP" attack. During the deployment phase, the attacker used Multicall3 to preemptively initialize the proxy, seize administrator privileges, and impersonate an audited contract implementation. The official statement claims the logic is not a contract vulnerability; the attacker had been concealed for several months before upgrading the proxy, minting approximately 98M USPD, and transferring approximately 232 stETH. USPD has demanded that users immediately revoke all authorizations and has published the attack addresses: 0x7C97…9d83 (Infector) and 0x0833…215A (Drainer). They are cooperating with law enforcement and white-hat hackers to track down the attacker and have promised a 10% bounty for their return.
Market Opportunity
Major Price(MAJOR)
$0.06457
$0.06457$0.06457
USD
Major (MAJOR) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Bad News for European Crypto Holders? EU Calls For Harsher Crypto Regulation Despite MiCA
EU regulators push stricter crypto rules beyond MiCA, seeking ESMA oversight, cybersecurity audits, and AMLR bans on privacy tokens. European regulators are now calling louder for stricter crypto rules. France’s AMF, Austria’s FMA and Italy’s CONSOB are now arguing that the Markets in Crypto-Assets Regulation (also known as MiCA framework) is not enough to manage […] The post Bad News for European Crypto Holders? EU Calls For Harsher Crypto Regulation Despite MiCA appeared first on Live Bitcoin News.
Share
LiveBitcoinNews2025/09/18 13:00
Snowball Money and ENI Set Stage for Scalable and Enterprise-grade Web3 Adoption
Snowball Money and ENI set to simplify identities in order to enhance on-chain reputation, and drive scalable, enterprise-grade Web3 adoption at a global level.
Share
Blockchainreporter2025/09/20 17:00
Monad Foundation launches ecological incentive program
PANews reported on September 18th that the Monad Foundation announced the launch of the Monad Momentum Incentive Matching Program, designed to accelerate the growth of high-quality applications within the Monad ecosystem. The program utilizes an incentive-matching model, requiring applicant teams to initially raise their own resources, which will be supplemented by Monad Momentum . The program will be implemented in phases, with the first round of applications open from September 18th to 28th . Selected teams must have a working product on the Monad testnet, plan to launch on the mainnet, and complete a security audit. Teams must also demonstrate efficient user acquisition and sustainable operations.
Share
PANews2025/09/18 22:30
