ChainBleedv0.1 · open intel
← back to feed·ETHACCESS-CONTROL2025-04-01 · 1y ago
Incident · DEFILLAMA

UPCX

Upgraded ProxyAdmin + withdrawByAdmin Hack
Estimated loss
VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
▰ METHOD
Upgraded ProxyAdmin + withdrawByAdmin Hack
ACCESS-CONTROLBYTECODE CATCHABLEAI SCANNABLE
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

Classification: Protocol Logic. Technique: Upgraded ProxyAdmin + withdrawByAdmin Hack. Target type: DeFi Protocol. Affected chains: Ethereum. Implementation language: Solidity.

Sourced from
DefiLlama Hacks dataset · api.llama.fi/hacks
Technical record
chain
ethereum
protocol
UPCX
bug_class
access-control
date_occurred
2025-04-01
loss_usd
classification
Protocol Logic
technique
Upgraded ProxyAdmin + withdrawByAdmin Hack
target_type
DeFi Protocol
language
Solidity
source_id
dl:adhoc:upcx:1743465600
Related — same bug class· access-control
2026-05-13
27d ago
ARB
ShapeShift FOX Colony (Colony Network)
executeMetaTransaction → resolver-repoint via setTarget → delegatecall drain
access-control
$132.7K
AUDIT-CATCHABLE
2026-05-12
28d ago
ETH
BoostHook
Uniswap V4 hook-contract logic exploit
access-control
$47.5K
UNRATED
2026-05-12
29d ago
Aurellion Labs
Contract Vulnerability
access-control
$455.0K
UNRATED
2026-05-11
29d ago
POLY
Huma Finance V1 (deprecated)
refreshAccount() unconditional GoodStanding state flip → unauthorized drawdown
access-control
$101.4K
AUDIT-CATCHABLE
2026-05-10
1mo ago
ARB
Renegade
Unprotected Initializer Exploit
access-control
$209.0K
UNRATED
2026-05-10
1mo ago
ARB
Renegade
Contract Vulnerability
access-control
$209.0K
UNRATED
ChainBleed — live web3 threat intelligence