
There are no “cheap” and uninteresting projects left in the cryptocurrency world — hackers stole 70 million $ by hacking a small blockchain service UPCX. This incident proves that even micro-capitalization does not save from cyberattacks.
On April 1, the UPCX team confirmed “unauthorized activity” in its management accounts. Analysts from Cyvers discovered that someone gained control over one of the project’s crypto wallets, updated the “ProxyAdmin” contract, and used the “withdrawByAdmin” function to withdraw 18.4 million UPC tokens (equivalent to over $70 million).
Interestingly, UPC is a micro-token with a market cap of only 16.7 million $ and a daily circulation of about 1.1 million $. In other words, the stolen amount is almost four times the entire valuation of the token. Only 0.5% of its total amount is in circulation on the market, so any attempt to merge assets will cause a collapse in the rate.
UPCX is a little-known blockchain payment service that uses UPC tokens. Before the incident, the token was ranked 1,153 in the CoinGecko rating. Such micro-projects often do not have strong protection or incident response systems. The use of proxy contracts without multi-level verification is a typical vulnerability in such startups.
The UPCX incident is a wake-up call for investors investing in little-known crypto projects. Even minimal capitalizations do not protect against sophisticated attacks, and in the event of theft, there is practically no chance of recovery. While the UPCX team remains silent, users can only watch as an invisible attacker holds in his hands funds that exceed the value of the project itself.