UXLINK said the project suffered a security incident involving a multisig wallet, causing the Token price to plummet by more than 70%, after hackers Mint a large amount of UXLINK.
UXLINK was hacked, illegally Mint Token , and withdrew more than 11 million USD
Hackers take control of multisig wallets, withdraw over $11 million
- On the evening of September 22, on-chain analytics platform Cyvers Alerts discovered a serious security incident related to the UXLINK project, with an estimated loss of $11.3 million.
🚨ALERT🚨Our system has detected $11.3M in suspicious transactions involving @UXLINKofficial
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 22, 2025
An ETH address executed a delegateCall, removed the admin role, and called "addOwnerWithThreshold" before transferring $4M $ USDT , $500K $ USDC , 3.7 $WBTC , and 25 $ETH .
All USDC/ USDT were… pic.twitter.com/fkHwygOHkD
- According to Cyvers Alerts, the attacked wallet address has:
Execute delegateCall to remove admin rights.
Add a new owner to the multisig wallet via the addOwnerWithThreshold command.
Large withdrawal of 4 million USDT, 500,000 USDC, 3.7 WBTC and 25 ETH.
- On the Ethereum network, all USDT/ USDC was swapped to Dai; while on Arbitrum, USDT was swapped to ETH and bridged back to Ethereum. Just a few minutes later, another wallet received 10 million UXLINK (about 3 million USD) and started dumping.
- Immediately after that, UXLINK issued an urgent notice regarding this security incident. Accordingly, the team confirmed that the project's multisig wallet had been compromised, resulting in a large amount of assets being illegally transferred to both CEX and non-DEX exchanges.
- The project confirmed that it is coordinating with internal and external security experts to investigate, and urgently contacted many exchanges to freeze suspicious UXLINK deposits. The incident has also been reported to the police and authorities to promote legal proceedings and recovery.
- A few hours later, UXLINK said that a large portion of the stolen assets had been successfully blocked by exchanges, while emphasizing that there were still no signs of users' personal wallets being affected.
Mint adds 1 billion UXLINKs
- However, the situation quickly became more complicated when the project team discovered that hackers had illegally Mint UXLINK Token, seriously violating the regulations in the whitepaper.
- The project warns the community not to trade UXLINK on DEX to avoid losses, and affirms that the official supply must still comply with the whitepaper as the only standard.
- PeckShield also posted a warning that the hacker had gained the right to Mint Token and illegally issued 1 billion UXLINK on Arbitrum.
🚨🚨🚨 Do *NOT* interacts with $UXLINK Token !!!
— PeckShield Inc. (@peckshield) September 23, 2025
The Token is now compromised as today's @UXLINKofficial hacker has gained the Mint role and 1B $UXLINK tokens were just minted on Arbitrum.
Here is the unauthorized 1B Mint: https://t.co/JEiJ5HS8iR https://t.co/39j31kKw9I pic.twitter.com/yqqxzbpelT
- According to data from Lookonchain recorded at 10:30 AM on September 23:
Hacker received 490 million UXLINK and Mint 2 billion more Token.
Dumped UXLINK through 6 different wallet addresses on CEX and DEX, earning about 6,732 ETH (about 28.1 million USD).
The list of relevant wallets has been published for community monitoring.
UXLINK was hacked!
— Lookonchain (@lookonchain) September 23, 2025
The hacker received 490M $UXLINK and also minted 2B $UXLINK .
The hacker has sold a massive $UXLINK on DEXes through six wallets, obtaining 6,732 $ETH ($28.1M).
He also sold a large amount of $UXLINK on CEXes.
Address:… pic.twitter.com/i2XFO7u4ZU
- In a follow-up announcement, UXLINK said that the unauthorized Mint activity is still ongoing. In order to urgently protect the ecosystem, the project has contacted major exchanges to temporarily suspend UXLINK trading, and announced a plan to switch to a new Token to restore the integrity of tokenomics.
- Currently, besides illegally Mint UXLINK Token and withdrawing more than 11 million USD, the hacker has not made any other moves related to UXLINK.
- This hack also caused the price of UXLINK to plummet, down more than 70% in the past 24 hours, down to just $0.086.
UXLINK price movement in the last 24 hours, screenshot on CoinGecko at 03:20 PM on 09/23/2025
- Ironically, the hacker who attacked UXLINK later became the victim of a phishing scam. Lookonchain said the hacker lost 542 million UXLINK, equivalent to about 15 million USD.
Unfortunately, the hacker who attacked $UXLINK was targeted by a phishing attack and lost 542M $UXLINK ($48M). https://t.co/Cp9QNHPE8X https://t.co/M8tbPYAdiq pic.twitter.com/PxadIIfkDi
— Lookonchain (@lookonchain) September 23, 2025
Coin68 synthesis
