|
Getting your Trinity Audio player ready...
|
- $11.3M stolen through a multi-signature wallet exploit.
- UXLINK token crashed 70%, prompting emergency action.
- Inferno Drainer phishing twist highlights DeFi risks.
Stay ahead with real-time updates and insights—Join our Telegram channel!
Web3 social infrastructure project UXLINK suffered a major security breach on September 22, 2025, resulting in losses exceeding $11.3 million. Hackers exploited a vulnerability in the project’s multi-signature wallet, draining stablecoins, Ethereum (ETH), WBTC, and nearly 490 million UXLINK tokens, causing panic across its community and a sharp token price collapse.
🚨ALERT🚨Our system has detected $11.3M in suspicious transactions involving @UXLINKofficial
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 22, 2025
An ETH address executed a delegateCall, removed the admin role, and called "addOwnerWithThreshold" before transferring $4M $USDT, $500K $USDC, 3.7 $WBTC, and 25 $ETH.
All USDC/USDT were… pic.twitter.com/fkHwygOHkD
How Hackers Exploited UXLINK
Blockchain security analysts confirmed the attack was carried out through a “delegateCall” vulnerability. This loophole allowed the perpetrators to remove existing wallet administrators and insert their own address as the new owner. Within minutes, the hackers seized full control, transferring:
- $4.5M in stablecoins
- Multiple ETH and WBTC assets
- 490 million native UXLINK tokens
The exploit also enabled them to mint 2 billion additional UXLINK tokens, which were rapidly sold across decentralized exchanges (DEXes). Through six different wallets, the attackers converted the stolen tokens into 6,732 ETH (~$28.1 million), highlighting the scale of the breach.
The “Inferno Drainer” Twist
Interestingly, the initial hacker later fell victim to a phishing scam orchestrated by the notorious Inferno Drainer group, losing over 542 million UXLINK tokens. This incident underscores the unpredictable and dangerous nature of the decentralized finance (DeFi) ecosystem, even for cybercriminals.
UXLINK’s Response and Emergency Measures
UXLINK acted swiftly, issuing urgent security alerts and collaborating with centralized (CEX) and decentralized exchanges to freeze suspicious deposits. Law enforcement and blockchain forensics firm PeckShield were engaged to trace and audit stolen funds.
Also Read: WLFI Launch Chaos: How Blacklisting Saved 24.6B Tokens From Hackers
Despite rapid intervention, the token’s market value plummeted from $0.30 to $0.09, wiping out nearly $70 million in capitalization. The project has announced an emergency token swap initiative to stabilize holdings and protect the community.
The UXLINK hack highlights both the risks inherent in DeFi and the importance of robust multi-signature security. While exchanges managed to freeze much of the stolen funds, the incident serves as a stark warning for projects and investors alike: even sophisticated wallets can be compromised, and rapid action is crucial in crisis management.
Stay ahead with real-time updates and insights—Join our Telegram channel!
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
I’m your translator between the financial Old World and the new frontier of crypto. After a career demystifying economics and markets, I enjoy elucidating crypto – from investment risks to earth-shaking potential. Let’s explore!
