Stablecoin protocol USPD suffered a loss of approximately $1 million due to the "CPIMP" attack.

PANews reported on December 5th that, according to PeckShieldAlert, the stablecoin project USPD suffered a major security vulnerability, resulting in a loss of approximately $1 million. USPD officials confirmed that the protocol was exploited, with attackers minting tokens without authorization and draining liquidity. The official team urgently advised users to immediately revoke all token authorizations for the USPD contract.

The USPD protocol has been confirmed to have been attacked by the "CPIMP" attack. During the deployment phase, the attacker used Multicall3 to preemptively initialize the proxy, seize administrator privileges, and impersonate an audited contract implementation. The official statement claims the logic is not a contract vulnerability; the attacker had been concealed for several months before upgrading the proxy, minting approximately 98M USPD, and transferring approximately 232 stETH. USPD has demanded that users immediately revoke all authorizations and has published the attack addresses: 0x7C97…9d83 (Infector) and 0x0833…215A (Drainer). They are cooperating with law enforcement and white-hat hackers to track down the attacker and have promised a 10% bounty for their return.

Share to:

Author: PA一线

This content is for informational purposes only and does not constitute investment advice.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANews
Recommended Reading
1 hour ago
2 hour ago
2 hour ago
4 hour ago
5 hour ago
6 hour ago

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe

Curated Series

App内阅读