UXLINK reported a multi-sig wallet breach, but the bigger twist is the hacker got scammed and lost $48 million to a phishing scam.
AI-powered Web3 platform UXLINK recently suffered a major security breach on September 22. Initially, a malicious actor compromised UXLINK’s multi-signature wallet and began unauthorized minting of UXLINK tokens, a move that violates the project’s whitepaper.
According to LookOnChain, the hacker minted 2 billion UXLINK and obtained about 490 million tokens. They transferred large sums to decentralized exchanges to secure roughly 6,732 ETH (about $28.1 million).
UXLINK was hacked!
The hacker received 490M $UXLINK and also minted 2B $UXLINK.
The hacker has sold a massive $UXLINK on DEXes through six wallets, obtaining 6,732 $ETH ($28.1M).
He also sold a large amount of $UXLINK on CEXes.
Address:… pic.twitter.com/i2XFO7u4ZU
— Lookonchain (@lookonchain) September 23, 2025
The platform quickly engaged law enforcement, blockchain security firms, and major exchanges to freeze suspicious deposits and track the stolen funds. A large portion of those assets has already been frozen as investigations continue.
Phishing Attack Drains the Attacker
Ironically, the very hacker who drained UXLINK’s wallet became a phishing scam victim themselves. On-chain data revealed that about 542 million UXLINK tokens, worth around $48 million, were siphoned from the exploiter’s wallet.
Interestingly, the hacker who attacked $UXLINK was targeted by a phishing attack and lost 542M $UXLINK($48M).https://t.co/Cp9QNHPE8Xhttps://t.co/M8tbPYAdiq pic.twitter.com/PxadIIfkDi
— Lookonchain (@lookonchain) September 23, 2025
Scam Sniffer reported that the hacker signed a malicious “increaseAllowance” contract tied to a phishing scam. This allowed another group of attackers, believed to be linked to the Inferno Drainer network, to drain the stolen funds.
🚨 ~41 minutes ago, the UXLINK exploiter address appears to have signed a malicious `increaseAllowance` approval to a phishing contract,
resulting in ~542M UXLINK being moved to phishing addresses.Tx:https://t.co/8Dsjym0gl2 https://t.co/OUtZkbULW1 pic.twitter.com/Ar5z2QwMVo
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) September 23, 2025
The incident left the crypto community stunned, with many posting laughing emojis. Members are now reminding investors to stay vigilant, warning that in crypto “there’s always a bigger fish.”
UXLINK Price Tanks Amid Chaos
The double-layered hack triggered a sharp correction in the platform’s native token price. UXLINK was trading above $0.30 early on September 22. However, soon after the breach, the cryptocurrency plunged over 75% to around $0.08 at the time of writing.
The penny crypto has lost over $100 million in market cap in the past 24 hours.
In response, the UXLINK team has urged community members to avoid trading UXLINK on DEXs, warning of risks tied to unauthorized tokens.
Security Notice Update 3
We have detected that a malicious actor is continuously conducting unauthorized minting of UXLINK tokens. To safeguard our community and ecosystem, we are taking immediate emergency measures:
1. We are urgently reaching out to major centralized…
— UXLINK (@UXLINKofficial) September 23, 2025
The project also announced plans for a token swap to preserve the integrity of its ecosystem, promising further details soon.
This is not the only DeFi security incident this month. Just last week, New Gold Protocol, a decentralized staking project, suffered an exploit that drained about $2 million.
next