Cyvers said someone accessed a UPCX address and upgraded its ProxyAdmin contract. The attacker then executed a function that allows admins to withdraw, leading to fund transfers from three different management accounts.

  • Quote

Name

Cyvers said someone accessed a UPCX address and upgraded its ProxyAdmin contract. The attacker then executed a function that allows admins to withdraw, leading to fund transfers from three different management accounts.

Types

Quote

Sources

Hacker transfers $70M out of payment platform UPCX

Referenced by

UPCX's April 1, 2025 security breach involved the modification of the "ProxyAdmin" contract which enabled the execution of the ‘withdrawByAdmin’ function

Crypto news

Claim