UXLINK Phishing Attack Reveals $11 Million Loss

Web3 social network UXLINK was the target of a $43 million phishing attack. As the investigation progresses, it is discovered that the exploiter transferred 542 mn UXLINK tokens to phishing addresses. According to reports, the hacker has also created an extra 2 billion coins and taken control of 490 mn tokens.

Notably, the UXLINK phishing attack, which involved unauthorized access to the platform's multi-signature wallet, has led to a sharp decline in the token's value, with prices plummeting by a substantial 65%. Now, investors and enthusiasts are closely watching the platform’s further investigation procedures and the hackers’ moves to know the potential trajectory of the cryptocurrency.

Exploit Overview

“We have identified a security breach involving our multi-signature wallet, resulting in a significant amount of cryptocurrency being illicitly transferred to both CEXs and DEXs,” the UXLINK phishing attack notification announced on September 22, sending shockwaves through the community.

According to reports, the attackers gained administrator-level privileges by breaking into the company's multi-signature wallet by taking advantage of a flaw in the "delegateCall" function. This security lapse enabled the theft of roughly $11.3 million in assets, comprising $4.5 million in stablecoins alongside prominent tokens like ETH and WBTC.

In an X post earlier today, Scam Sniffer revealed that the exploiter address had signed a malicious `increaseAllowance` approval to a phishing contract, moving 542M cryptos, worth about $43M, to addresses.

Subsequently, Lookonchain revealed that the scammer obtained control of 490 million tokens and generated an extra 2 billion cryptos through illicit minting. Subsequently, the attacker dumped a substantial quantity on decentralized exchanges (DEXes) and centralized exchanges (CEXs) via more than six wallets, netting 6,732 ETH – equivalent to around $28.1M.

It's worth noting that reports indicate the total loss is around $11.3 million, involving assets like USDT, USDC, WBTC, and ETH . The firm is now collaborating with exchanges and security firms like PeckShield to freeze stolen assets and investigate the breach.

Prices Plummet in Reaction to Exploit

In response to the UXLINK phishing attack , the token price saw a massive plummet of 65%, reaching an all-time low of $0.1097. In just 24 hours, the cryptocurrency dipped by 66%, sparking widespread concerns surrounding its potential future.
Despite this decline, traders are showing increased interest in the altcoin, as evidenced by the staggering 1360% hike in the 24-hour trading volume. At the moment, $478 million is the recorded volume.

Recuperation Activities

With law enforcement agencies actively participating in the recovery process, the project subsequently guaranteed that user wallets were not directly affected by the security breach and froze funds on exchanges.

The company intends to "promptly" implement a token swap in response to the cryptocurrency's illegal minting in order to protect holders and realign the supply in accordance with the project's whitepaper guidelines. Additional instructions will be disseminated by the team via formal channels.