The cryptocurrency market continues to be shaken as another stablecoin protocol has fallen victim to hackers. This time, the name mentioned is USPD – a stablecoin project that has attracted the attention of investors thanks to its “permissionless” operating mechanism, aiming to create a digital currency Peg to the US dollar without the need for centralized control.
According to information compiled by the on-chain community, the attacker exploited a vulnerability in the Mint process and illegally minted 98 million USDP. Not stopping there, the hacker also appropriated about 232 stETH, equivalent to millions of USD at the time of the theft. This is XEM one of the largest attacks targeting a small stablecoin in recent times.
Immediately after the incident, the project team issued an urgent warning asking all users who had interacted with the USPD smart contract to check and revoke wallet access as soon as possible. The project confirmed that the problem did not originate from a bug in the core smart contract, but from another vulnerability in the operating process, but the details have not been fully disclosed.
As is common in DeFi attacks, the USPD team immediately contacted several major centralized exchanges to help block the traced assets. The project also sent a “standard” negotiation message to the hacker: offering to refund 90% of the funds and keep 10% as a reward. However, to date, the hacker has not responded.
This incident took place in the context of the crypto market entering a sensitive period, when the number of cyber attacks increased sharply from the beginning of 2025. In just the past few weeks, the community has witnessed many projects being attacked with losses of tens to hundreds of millions of USD, causing US regulators to continuously issue warnings about the security risks of DeFi protocols.
