UXLINK hack update: Hacker launders stolen funds, sells $6.8M ETH

UXLINK hack update: Hacker moves $6.8M in ETH, loses millions in a phishing attack, while UXLINK implements emergency measures to secure assets.

Areeba Rashid
September 24, 2025
7:33 pm

Areeba Rashid

Areeba Rashid is a dedicated crypto news writer with a passion for making complex topics accessible to everyone. She covers the latest developments in the crypto world, including in-depth price analysis, helping readers stay informed and make sense of market trends.

UXLINK hacker shuffles 1,620 ETH into DAI stablecoins, marking first major cash-out attempt.
The hacker uses centralized and decentralized methods to conceal funds, complicating investigations.
Emergency measures include a new smart contract with enhanced security to prevent future exploits.

The UXLINK hack has not been completed, and the hacker is transferring stolen money between wallets. As per data by on-chain trackers, the hacker recently transferred 1,620 ETH, which is worth $6.8 million, into DAI stablecoins. It is the first significant effort to cash in the stolen assets almost 48 hours into the exploit. Nevertheless, it is just a part of the stolen sum.

The hacker has employed various tricks to cover up the footprint of stolen money. They have transferred assets in a centralized as well as a decentralized manner. The hacker employs these tactics to complicate tracking efforts and diminish investigations. Security experts are closely monitoring the situation, yet the stolen funds remain widely dispersed.

The hacker who attacked $UXLINK dumped 1,620 $ETH for 6.73M $DAI 2 hours ago.https://t.co/nYRXsq0T6V https://t.co/M8tbPYAdiq pic.twitter.com/1vTpuaDrU9
— Lookonchain (@lookonchain) September 24, 2025

Hacker Loses Millions in Phishing Attack

The hacker, nonetheless, fell victim to a significant financial loss during a phishing attack. Security researchers have discovered that the attacker sent a wrongful confirmation on a malicious deal overseen by the Inferno Drainer group. This caused 542 million UXLINK tokens to drain, equivalent to approximately 43 million at the time of the attack.

🚨 ~41 minutes ago, the UXLINK exploiter address appears to have signed a malicious `increaseAllowance` approval to a phishing contract,
resulting in ~542M UXLINK being moved to phishing addresses.

Tx:https://t.co/8Dsjym0gl2 https://t.co/OUtZkbULW1 pic.twitter.com/Ar5z2QwMVo
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) September 23, 2025

The multi-signature wallet offered by UXLINK in September 22 served to start the hack, which targeted a system weakness. The vulnerability enabled the attacker to acquire access at the level of an administrator, which additionally allowed them to start the illegal transfers.

The attacker had minted about 10 trillion dried tokens of CRUXLINK almost immediately in the Arbitrum blockchain and has liquidated them. This made UXLINK tokens plunge over 70 percent.

Also Read: SOL Strategies CEO Leah Wald Steps Down as Firm Appoints Michael Hubbard Interim Leader

UXLINK Takes Swift Action to Freeze Suspicious Transactions

UXLINK responded swiftly as a result. The protocol notified exchanges to freeze suspicious transactions and collaborated with security companies to trace the stolen assets. Nevertheless, such attempts did not help much in the restoration of money already lost during the attack.

To prevent such exploits, UXLINK introduced emergency precautions. The project transferred the tokens to a new and safe smart contract with a limited supply. The smart contract has been audited to enhance security and better control over the multisig wallets.

Security Notice – Update 5

We would like to share the latest progress on the UXLINK token migration:

1. The new UXLINK smart contract has successfully passed its security audit.
2. The contract will be deployed on the Ethereum mainnet. The contract dropped the mint-burn…
— UXLINK (@UXLINKofficial) September 24, 2025

Nonetheless, the hacker keeps on shuffling and laundering stolen money. This ongoing trend leaves little room for complete recovery. It is not clear whether the attacker will take other steps in the next few days. The survival of UXLINK lies in the effectiveness of the fresh security measures over the course of the unfolding situation.

Also Read: Ripple and Securitize Unlock Real-Time Liquidity with RLUSD Integration