UXLINK Hacker Launders $6.8M Worth of Stolen Funds

Highlights:

• The hacker behind the UXLINK breach has moved $6.8M worth of ETH, attempting to launder stolen funds.
• UXLINK suffered a significant phishing loss, resulting in the theft of $43M worth of tokens.
• UXLINK responds with a new smart contract audit and token migration to tighten security.

This hack of the decentralized social platform UXLINK, which began on September 22, continues to trigger shockwaves across the crypto world. A security vulnerability in the multi-signature wallet of the project was used by hackers to access a substantial amount of funds. The malicious actor emptied the protocol of millions of dollars over the span of several hours.

The latest data provided by the blockchain analytics firm Lookonchain shows that the attacker has moved more than 6.8 million stolen ETH, converting 1,620 ETH into DAI stablecoins. This marks the initial significant attempt to launder the stolen funds. While the attacker has been busy, UXLINK has acted by collaborating with exchanges and security firms to track down the stolen assets.

The hacker who attacked $UXLINK dumped 1,620 $ETH for 6.73M $DAI 2 hours ago.https://t.co/nYRXsq0T6Vhttps://t.co/M8tbPYAdiq pic.twitter.com/1vTpuaDrU9

— Lookonchain (@lookonchain) September 24, 2025

On September 23, however, there was an unexpected twist in the story. The hacker became a victim of a phishing attack, losing some of the stolen funds. Here, approximately 542 million UXLINK tokens worth $43 million were drained as a result of a malicious contract interaction. However, this phishing scam seems to be one of the steps that the hacker took to help him turn stolen assets into liquid funds.

UXLINK’s Smart Contract Audit and Token Migration

Following the attack, UXLINK conducted a smart contract audit today to improve the security of the protocol. This audit revealed the vulnerabilities, especially to the multi-signature wallet, and has resulted in the new token migration introduction. The migration process comprises a limited supply that tries to avoid any further exploits, as the one that occurred.

There will also be enhanced policies on multisig wallets and contract interactions in the new contract. Through such changes, UXLINK will be making sure that future attacks become less probable. This move is hoped by the project to bring some stability and security to users who were affected by the hack.

Security Notice – Update 5

We would like to share the latest progress on the UXLINK token migration:

1. The new UXLINK smart contract has successfully passed its security audit.
2. The contract will be deployed on the Ethereum mainnet. The contract dropped the mint-burn…

— UXLINK (@UXLINKofficial) September 24, 2025

Moreover, following the exploit, the project has already adopted a number of emergency measures. This includes alerting the exchange to freeze suspicious transactions. Despite such efforts, the reputation of UXLINK and its token value remain impacted. This project is now under severe scrutiny and it is not clear whether they will be able to recover the damage done.

The Ongoing Search for Stolen Funds

As the attacker keeps moving the stolen money, it becomes difficult to track the scope of the theft. The hacker has used multiple wallets and decentralized exchanges to conceal their tracks. This consequently makes it difficult to trace the money using the most effective methods.

UXLINK has pledged to continue to track the condition with a focus on reducing the impact on users. Yet, since the attacker continues to hold millions in assets, it is not clear whether, or when, they would be fully recovered.

This latest exploit comes after a $2.6 million loss at Nemo Protocol. The exploit was a result of unvetted code in a smart contract written by a developer. The unvetted code resulted in loopholes that affected the funds of the users. To resolve the situation, however, Nemo Protocol has recently planned to compensate affected users in NEOM debt tokens. Users will be compensated according to their losses in USD terms.