UPCX's April 1, 2025 security breach involved the modification of the "ProxyAdmin" contract which enabled the execution of the ‘withdrawByAdmin’ function
Claim
Quotes that support claims
According to Cyvers Alerts, an unknown entity appears to have gained control of the address 0x4C….3583E, allowing them to modify the ‘ProxyAdmin’ contract. This modification enabled the execution of the ‘withdrawByAdmin’ function, which resulted in the transfer of approximately 18.4 million UPC tokens
Cyvers said someone accessed a UPCX address and upgraded its ProxyAdmin contract. The attacker then executed a function that allows admins to withdraw, leading to fund transfers from three different management accounts.
Referenced by
Summary
Crypto news
Data block
