The digital asset ecosystem has once again been shaken by a significant security breach, this time impacting the Web3 social platform UXLINK. A sophisticated attack has compromised the project’s multi-signature wallet, leading to the unauthorized acquisition and subsequent issuance of a substantial volume of tokens. This event underscores the persistent vulnerabilities within the decentralized finance space, even affecting established platforms that utilize advanced security measures.
UXLINK confirmed a security breach involving its multi-signature wallet, resulting in the illicit transfer of a large quantity of tokens. These assets were subsequently moved to both centralized (CEX) and decentralized exchanges (DEX). The project team stated they are actively collaborating with these platforms to freeze the illicit deposits, aiming to mitigate further financial repercussions and aid in the recovery process.
Security analysts at Lookonchain reported that the attacker seized approximately 490 million UXLINK tokens and proceeded to mint an additional 2 billion tokens. Further analysis by Cyvers indicated the likely exploitation of a delegateCall function, enabling the attacker to revoke administrator privileges and establish new control. The estimated financial damage includes $4 million in USDT, $500,000 in USDC, 3.7 WBTC, and 25 ETH, with a portion of these assets already converted.
Another address, presumed to be linked to the perpetrator, is reported to have withdrawn around 10 million UXLINK tokens and initiated their conversion. While the precise total loss remains unconfirmed, Lookonchain noted that the attacker has successfully offloaded some tokens on exchanges, generating an estimated $28.1 million in ETH from DEX transactions alone.
Interestingly, security experts also raised the possibility that the alleged attacker may have themselves fallen victim to a phishing scheme. The same address implicated in the breach reportedly lost 542 million UXLINK tokens, valued at approximately $48 million. The UXLINK team has formally reported the incident to law enforcement and relevant authorities to expedite legal proceedings and recovery efforts.
In response to the ongoing situation, UXLINK developers announced that a significant portion of the UXLINK tokens has been frozen, a measure designed to curb potential further losses. They have also advised users to refrain from trading the token on decentralized exchanges. Despite these efforts, the price of UXLINK experienced a sharp decline, plummeting from approximately $0.3 to $0.09. This event serves as a stark reminder of the inherent risks associated with digital asset management and the constant need for robust security protocols in the burgeoning Web3 landscape.
Maxwell Reed is the first editor of Cryptovista360. He loves technology and finance, which led him to crypto. With a background in computer science and journalism, he simplifies digital currency complexities with storytelling and humor. Maxwell began following crypto early, staying updated with blockchain trends. He enjoys coffee, exploring tech, and discussing finance’s future. His motto: “Stay curious and keep learning.” Enjoy the journey with us!