The hacker who wiped out UXLINK with a high-profile exploit has ironically become a victim of crypto crime himself.
On September 23, blockchain security platform Scam Sniffer reported that the attacker lost approximately 542 million UXLINK tokens, worth more than $50 million, to a phishing scheme carried out by another bad actor.
SlowMist co-founder Yu
Inferno Drainer’s involvement wouldn’t be entirely surprising, as the group is responsible for stealing several million dollars from unsuspecting crypto users across multiple chains.
Considering this, Xian scoffed at the irony of the situation, noting that the hacker fell into basic authorization traps similar to those he deployed against UXLINK.
UXLINK hack
The original UXLINK breach occurred on September 22, when the AI-powered social platform Web3 was compromised.
Blockchain security firm Cyvers reported that the breach started when an attacker executed a delegationCall function to take away administrator rights and add themselves as an owner to the platform’s smart contract.
This move enabled the theft of $4 million in USDT, $500,000 in USDC, 3.7 wrapped Bitcoin, and 25 ETH. The stolen stablecoins were quickly converted into DAI, while the funds were moved through the Ethereum and Arbitrum networks.
Hours later, a second address received 10 million UXLINK tokens, worth about $3 million, and began offloading them through decentralized exchanges.
By September 23, the situation had escalated further. Blockchain analytics platform Lookonchain reported that the attacker minted 2 billion UXLINK tokens and sold large quantities through bEXs and centralized exchanges, netting 6,732 ETH, approximately $28 million.
In response, UXLINK confirmed the exploit and took action to limit the damage.
The team stated that it was working with exchanges to freeze stolen assets. It also added that it has sought the help of blockchain security firm PeckShield, and urged trading platforms to temporarily suspend UXLINK trading pairs.
It added:
“We will immediately initiate a token swap plan to ensure the integrity of our token economy. Further details and instructions for the token swap will be announced shortly.”