All
Contribute!
BlockchainCrypto MarketCryptocurrency

DeFi Protocol USPD Loses $1 Million in “CPIMP” Attack

CoinSurges
By CoinSurges

Share This Post

Yearn Finance Hacked

The post DeFi Protocol USPD Loses $1 Million in “CPIMP” Attack appeared first on Coinpedia Fintech News

A decentralized finance platform called USPD has fallen victim to a complex security breach that resulted in approximately $1 million being stolen from its protocol. What first looked like a normal system setup months ago was actually a hidden trap waiting to strike. 

In the meantime, USPD is offering a 10% bounty if the attacker returns 90% of the stolen funds.

How the USPD Attack Happened?

According to blockchain security firm PeckShieldAlert, the attacker planted the trap all the way back on September 16, while the project was still being deployed. They used a clever technique during the proxy setup phase, gaining admin rights before USPD’s own deployment script could finish.

Meanwhile, this type of exploit is now being called a “CPIMP” attack, short for Clandestine Proxy In the Middle of Proxy.

What made this attack particularly sneaky was how well it was hidden. The hacker installed what security experts describe as a “shadow” implementation that cleverly forwarded everything to USPD’s properly audited contract. 

By manipulating event data and storage information, they tricked blockchain explorer Etherscan into showing the legitimate, audited code, even though they had secretly planted their malicious version underneath.

Attack Finally Strikes, Losing $1 Million

After months of lying dormant and undetected, the attacker finally struck. They upgraded the proxy contract, minted around 98 million USPD tokens out of thin air, and withdrew approximately 232 stETH tokens before draining nearly $1 million in liquidity

The attacker operated through two addresses, now labeled “Infector” address (0x7C9…19d83 and the other was “Drainer” address (0x0883…3215A).

10% Bounty For The Attacker

The USPD team is working with law enforcement and white-hat researchers to track the stolen funds. They have asked all users to revoke approvals to stay safe.

They also said they are open to treating the hack as a “white-hat rescue” if the attacker comes forward. 

To encourage this, USPD is offering a 10% bounty if the attacker returns 90% of the stolen assets.

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

Binance Founder Crushes Bitcoin Critic In Game-Changing BTC Vs. Gold Debate

The Binance Blockchain Week event in Dubai became the center of a high-stakes showdown between traditional and digital innovation, with Bitcoin and gold going head-to-head Investors, tech

Retail Shifts to Silver: Purchase Lines Observed in Singapore

Bullionstar, a Singapore-based gold and silver dealer, has experienced a rise in the normal demand for silver, as prices accelerated this week The company stated this is part of a market shift for

XRP ETFs Are About To Hit $1 Billion – Here’s How Much Is Flowing In Daily

XRP ETFs are on the verge of hitting a significant milestone, with total Assets Under Management (AUM) approaching the $1 billion milestone Since the launch of its ETF last month, hundreds of

Is The Bitcoin Bottom In? Top Analyst Assigns 91.5% Probability

Crypto analyst Miles Deutscher has issued one of the most forceful bottom calls of this cycle, assigning a 915% probability that Bitcoin’s low is already in In a X thread on December 4, he wrote:

Forget MSTR, MARA Is in Even Worse Trouble, Vaneck’s Sigel Says

Bitcoin has dipped below $90K again, and two of its largest holders might just be on the brink of a financial meltdown Beyond MSTR’s Woes: Vaneck Analyst Flags Greater Peril at MARA At first blush,

Bitcoin thieves stole $1.1B using fake bird noises: Now Malaysia hunts heat signatures from the sky

In Malaysia’s illegal Bitcoin (BTC) mining hotspots, the hunt begins in the sky Drones buzz over rows of shops and abandoned houses, sweeping for pockets of unexpected heat, which is the
Previous article
Kraken Crypto Exchange Launches Elite Service Program for Wealthy Digital Asset Investors
Next article
XRP Price Plunges 3.5% As Santiment Says Soaring FUD May Spark A Rally

Categories:

Hot right now:

Company:

Follow on:

Crypto Coin Live Stats

Coinsurges provides coverage of fintech, blockchain, and Bitcoin, delivering the most recent news and analyses on the future of money. Stay up-to-date with live prices, charts, and trading options for the top exchanges. Keep track of the day's top cryptocurrency gainers and losers, as well as which coins have experienced gains and losses in the past 24 hours.
Trust Coinsurges as your go-to source for all news and updates in the industry.