Cyvers in the News
Meir Dolev, CEO of Israel-based crypto security company Cyvers, which detected the Dough hack as it happened,
said that looping-related code is what hackers exploited to break into Dough’s systems. “Their implementation of complex, high-risk strategies like looping and de-looping without sufficient safeguards suggests they took excessive risks," Dolev said via email.
Dough’s post-hack report acknowledges the same root cause of the theft as Cyvers. Dough added that it would take preventive measures including auditing its code and enhancing security through monitoring.

May 19, 2025
UPCX Assures Users After Unauthorized Transfer of 18.4MTokens
Blockchain security firm Cyvers confirmed the incident, stating that it involved the transfer of 18.4 million UPC tokens valued at approximately $70 million from three separate management accounts
According to Cyvers, its security system determined that an unauthorized person had gained access to the address 0x4C….3583E and “upgraded the ProxyAdmin contract.” The individual then executed the “withdrawByAdmin” function, resulting in the unauthorized transfer of the UPC tokens.

April 2, 2025
Hacker Steals $70 Million in UPC Tokens After Gaining Control of UPCX Smart Contract
Cyvers, which traced the suspicious activity to a contract upgrade by the attacker.
This attack follows patterns seen in previous exploits, according to Cyvers’ co-founder Meir Dolev. He pointed out that compromised credentials and flawed access control mechanisms were often to blame for such breaches. He noted that these issues accounted for over 80% of Web3-relatedlosses in 2024. Dolev also stressed the importance of improving security measures, particularly for wallet permissions and multisignature implementations, to prevent future incidents.

April 2, 2025