TechFlow news, December 5 — USPD protocol officials issued an urgent security alert today, confirming a severe security vulnerability attack that allowed unauthorized token minting and drained liquidity. The attacker used an advanced technique called "CPIMP" (Covert Proxy in Middleware Proxy) to front-run the proxy initialization during deployment on September 16, thereby gaining hidden administrative privileges. By installing a "shadow" implementation and manipulating event data, the attacker successfully evaded verification tools including Etherscan, remaining undetected for months before minting approximately 98 million USPD tokens today and stealing about 232 stETH. The USPD team has already engaged law enforcement and security organizations, marking the attacker's address to freeze funds, and has proposed treating the incident as a white-hat rescue—if 90% of the funds are returned, they will cease legal action.
Risk Disclosure: This website's content is not investment advice and offers no trading guidance or related services. Per regulations from the PBOC and other authorities, users must be aware of virtual currency risks. Contact us / support@techflowpost.com ICP License: 琼ICP备2022009338号
