According to TechFlow, on December 5th CertiK Alert reported that an attack on a USPD contract resulted in losses of approximately $1 million. The attackers manipulated stored data to carry out the attack, which lasted two months.
Analysis suggests the attack was divided into two phases: on September 16, the attacker preemptively executed a legitimate initialization transaction, adding a malicious intermediary proxy to the USPD stabilizer; on September 17, the attacker granted privileged roles to its contract through the malicious proxy, and then used those privileges to launch an attack 78 days later.
Previous reports indicated that the USPD protocol suffered a sophisticated attack that resulted in the loss of approximately 232 stETH, with the attackers reportedly minting 98 million USPD tokens.





