UXLINK confirmed on Monday that a security breach of its multi-signature wallet led to large, unauthorised transfers and a sharp fall in its token price.
The breach was detected after a call to change wallet permissions allowed a new multisig owner to be added and the admin role to be removed, the project said.
The attacker moved several assets to both centralised and decentralised exchanges, including at least $4,000,000 in USDT, $500,000 in USDC, 3.7 WBTC and 25 ETH, according to alerts shared by onchain watchers.
Hack and immediate losses
The hacker then sold UXLINK on DEXes and collected the equivalent of roughly 6,732 ETH, about $28.1 million, while the project warned that around 10 trillion UXLINK tokens were minted late Monday. The coin’s 24-hour trading volume is up by a whopping 1045%.
UXLINK posted that its multi-signature wallet was compromised and that a significant amount of cryptocurrency was taken. The project thanked exchanges for freezing many of the stolen funds. Still, the initial outflows and token sales hit the market fast.
Onchain monitors flagged the exploit earlier in the day. One alert noted a delegate call that removed admin controls and added a new multisig owner. That change let the attacker move assets out of the wallet. The transfers included stablecoins, wrapped bitcoin and ETH.
Token minting and price impact
The attacker also minted a huge amount of UXLINK tokens. Onchain data showed roughly 10 trillion tokens issued late on Monday. That minting flooded liquidity pools and pushed the UXLINK price down more than 70% to about $0.08912.
UXLINK urged its community not to trade the token on DEXes. The team warned that new, unauthorised tokens could cause further losses for anyone who buys them.
To protect traders, the project said it is asking major exchanges to pause UXLINK trading while it prepares a token swap plan.
Exchanges move to freeze funds
UXLINK said most of the hacker’s assets were frozen by major exchanges. That action reduced the immediate risk to holders, the project added. The team is reaching out to platforms to stop trading and to recover any remaining funds where possible.
Lookonchain and other analytics firms reported that the attacker routed token sales through multiple wallets on DEXes. The scale of those sales was large enough to generate millions in proceeds before the freezes took effect.
Also Read: North Korean IT Workers Exploited Over 30 Fake Identities To Hack Crypto Firms
Phishing and further losses
Security alerts also showed a related phishing event, as one exploiter lost 542 million UXLINK in what was flagged as a fake phishing scheme. That wallet reportedly lost about $48 million in tokens. The incident highlights how attackers often chain methods together to cash out quickly.
UXLINK said it is pursuing legal and compliant steps to restore the token supply to what the white paper requires. The team pointed to the white paper as the governing standard for the token economy and said it will align supply with that document.
Growing exploits in crypto
Exploits and scams keep appearing across the crypto sector, as each week brings new reports of smart contract flaws, social engineering, or weak wallet setups. Many projects face complex technical risks that can be exploited in minutes.
About $2 million has been stolen from the New Gold Protocol (NGP), a DeFi project built on the BNB Chain.
On July 10, we reported a devastating hack that took place and caused 577 ETH to be drained. Kinto has formally declared that it will stop functioning on September 30.
OlaXBT ($AIO) lost almost 32 million AIO tokens, or more than $2 million, to a hacker who gained access to the project’s multisignature wallets.
On 2nd Sept, UnoCrypto reported that a hack against Bunni DEX, a decentralised exchange based on Uniswap V4, resulted in the theft of $2.4 million.
UXLINK plans a token swap to address the extra supply and is working with exchanges to halt trading temporarily. The team will also pursue legal routes to try to recover stolen assets that are not frozen. Community members now face decisions about whether to hold or sell while plans are put in place.
Also Read: Crypto Hackers Exploit Ethereum Smart Contracts To Hide Malware From Security Scanners