UPCX, the open-source payment platform, has suspended all transactions after an unauthorized withdrawal of approximately $70 million in digital assets was detected.
Blockchain security specialists uncovered the breach on April 1, revealing suspicious activity linked to 18.4 million UPC tokens.
Investigations show that an attacker gained access to a UPCX administrative wallet, modifying its ProxyAdmin contract to execute a withdrawal function, resulting in fund transfers from three separate management accounts. The stolen tokens remain confined to a single wallet, with no indications of attempts to swap or liquidate the assets.
UPCX Temporarily Halts Deposits and Transactions
Confirming the breach, UPCX took swift action by suspending all deposits and withdrawals to protect user funds. The platform reassured customers that their personal assets remain secure and that an internal investigation is underway.
The incident caused a notable decline in UPC’s token price, dropping 7% from $4.06 to $3.77, according to market analyses.
As of now, UPCX has not released further information regarding possible remedial actions. This event highlights ongoing security vulnerabilities in the crypto sector, where malicious actors increasingly exploit administrative functions to misappropriate funds.
The UPCX incident underscores growing concerns over Web3 security, drawing attention to the urgent need for enhanced smart contract security and stricter access controls to avert similar breaches in the future.
