Hackers Target UXLINK, Only to Become Victims in $48 Million Fraud

On September 22, 2025, UXLINK—a Web3 social infrastructure platform—fell victim to a $11.3 million security breach. Attackers exploited a flaw in the project’s multi-signature wallet, causing the token’s value to plunge by 70%. The exploit allowed the unauthorized creation of 2 billion UXLINK tokens, swift transfers of $4.5 million in stablecoins, and 3.7 WBTC, along with ETH and

. By taking advantage of a delegateCall vulnerability, the attackers ousted the original administrators and assigned their own address as the wallet owner, enabling them to immediately siphon off assets UXLINK Hacked: Over $11 Million Stolen, Token Price … [ 1 ].

After the breach, the perpetrator quickly converted the stolen tokens into 6,732 ETH (worth $28.1 million) through decentralized exchanges. Ironically, within hours, the hacker themselves became a victim of the Inferno Drainer phishing group, losing 542 million UXLINK tokens valued at $48 million UXLINK Hacked: Over $11 Million Stolen, Token Price … [ 1 ]. This sequence of events highlighted the inherent dangers of DeFi, where even malicious actors are susceptible to further attacks.

UXLINK acted within an hour of discovering the incident, issuing warnings and working with exchanges to freeze suspicious transactions. The team enlisted blockchain security firms such as PeckShield to track the stolen funds and announced an emergency token swap to counteract inflation from the unauthorized minting. Although some of the stolen assets were frozen, illicit token creation persisted, prompting UXLINK to focus on stabilizing its ecosystem UXLINK Hacked: Over $11 Million Stolen, Token Price … [ 1 ]. The token’s price crashed from $0.30 to $0.09, wiping out $70 million in market value in just a few hours UXLINK Hacked: Over $11 Million Stolen, Token Price … [ 1 ].

Major exchanges like Upbit and Bithumb responded by halting UXLINK trading, suspending deposits and withdrawals as a safety measure. Upbit also labeled the token as a “cautionary asset” under the

Asset User Protection Act, citing the issuer’s lack of disclosure about significant risks. Blockchain analytics firm PeckShield advised users to avoid interacting with the token, noting that the attacker still controlled minting privileges UXLINK Hacked: Over $11 Million Stolen, Token Price … [ 1 ].

This breach exposed significant weaknesses in UXLINK’s smart contract architecture, such as the lack of a fixed supply limit and insufficient access restrictions. Security professionals pointed out that simple safeguards like timelocks or emergency stop features could have slowed the attack, giving the community time to react UXLink Hack Exposes Centralized Weakness in DeFi Systems [ 5 ]. The incident also reignited discussions about the reliability of multisignature wallets, which, despite their reputation for strong security, were compromised here due to poor key management and governance practices UXLINK Hack — A Full Timeline and Deep Dive: Security Flaws, … [ 4 ].

Industry analysts observed that the hack had broader consequences for both DeFi and CeFi. While DeFi platforms managed to cut losses by 40% in 2024 thanks to better cryptographic techniques and bridge security, the UXLINK incident revealed ongoing weaknesses in access management. On the other hand, CeFi platforms saw a rise in breaches, with incidents doubling in 2024, largely due to centralized key management issues DeFi vs CeFi: A Tale of Security in 2024 - freebitco.in [ 6 ]. The event underscored the necessity for decentralized projects to implement thorough security audits, layered key storage solutions, and transparent governance to regain user trust UXLink Hack Exposes Centralized Weakness in DeFi Systems [ 5 ].

UXLINK’s emergency token swap and cooperation with exchanges are steps toward regaining confidence, but lasting recovery depends on addressing deeper structural issues. This episode serves as a stark reminder for investors about the importance of careful research and diversification in a sector vulnerable to swift and large-scale attacks.