Author: Deng Tong, Golden Finance
In the early morning of September 23, 2025, the security company Cyvers detected a suspicious transaction involving UXLINK amounting to $11.3 million. UXLINK is suspected to have been stolen. This morning, SlowMist confirmed on platform X that UXLINK had suffered a hacker attack.
After the hacker attack, UXLINK plummeted, trading at $0.08529 at the time of publication, a 71.9% drop in 24 hours. However, just two weeks ago, on September 10, UXLINK's CEO Rolland Saf announced plans to prepare for a six-year campaign for the 2032 presidential election in Cameroon.
This article outlines the UXLINK theft incident and the responses from UXLINK officials and various parties, analyzes the reasons for the theft, and discusses the impact of the UXLINK theft.
1. Restoration of the Theft Incident and Responses from UXLINK Officials and Various Parties
At 00:43, security company Cyvers was the first to release information about the suspected theft of UXLINK: an Ethereum address executed a delegateCall, removed administrator privileges, and called "addOwnerWithThreshold," then transferred out 4 million USDT, 500,000 USDC, 3.7 WBTC, and 25 ETH. All USDC/USDT on the Ethereum network were exchanged for DAI, while USDT on the Arbitrum network was exchanged for ETH and cross-chain transferred to the Ethereum network. Minutes later, another address received 10 million UXLINK (approximately $3 million) and began exchanging.
About an hour later, UXLINK posted on X, confirming the theft:
Emergency Security Notice
We have discovered a security vulnerability in our multi-signature wallet, which has led to a large amount of cryptocurrency being illegally transferred to centralized exchanges (CEX) and decentralized exchanges (DEX).
Our team is working around the clock with internal and external security experts to identify the root cause and control the situation. We have contacted major centralized exchanges (CEX) and decentralized exchanges (DEX) to urgently freeze suspicious UXLINK deposits and are closely cooperating with them to prevent further transfer of funds. We have reported this incident to the police and relevant authorities to expedite legal action and recovery of funds.
We are committed to maintaining transparency and will continue to update the community on the latest developments in a timely manner.
This morning, UXLINK officials released two updates on the security incident:
The team has closely collaborated with various exchanges to successfully freeze most of the stolen assets. The team has commissioned @peckshield to assist in the investigation and strengthen asset recovery efforts. Officials stated that no direct attacks on individual user wallets have been detected and that a clear account recovery and compensation plan will be formulated as soon as possible.
After the hacker stole the funds, they minted an additional 1 billion UXLINK on-chain.
UXLINK confirmed the hacker's minting of UXLINK: "We have detected that malicious actors are continuously minting unauthorized UXLINK tokens. To protect the community and ecosystem, we are taking urgent measures: We are urgently contacting major centralized exchanges (CEX) to temporarily suspend UXLINK trading. We will immediately initiate a token swap plan to ensure the integrity of the token economy. Details and operational guidelines regarding the token swap will be announced soon. We strongly advise all community members to remain vigilant and obtain the latest information only through official channels."
According to Lookonchain monitoring, the UXLINK hacker sold UXLINK on-chain through six addresses, obtaining 6,732 ETH, worth $28.1 million. Additionally, the hacker sold a large amount of UXLINK on various CEX.
However, the hacker seems to have encountered a "black eat black" situation. According to Scam Sniffer monitoring, the address exploited in the UXLINK incident allegedly signed a malicious increaseAllowance authorization to a phishing contract, resulting in approximately 542 million UXLINK being transferred to the phishing address.
Due to signs of a suspected security incident, South Korean exchanges Upbit and Bithumb have designated UXLINK as a "trading warning" project; Upbit has also suspended UXLINK deposits and withdrawals, with specific recovery times to be notified later. Both exchanges stated that they will conduct technical and compliance assessments according to trading warning procedures before deciding whether to adjust trading support and related services.
2. Reasons for the Theft
SlowMist stated on platform X, "After looking into the UXLINK theft situation, it is highly likely that several private keys related to UXLINK's Safe multi-signature were leaked. The key hacker operations involved changing the owner of the target Safe multi-signature to: 0x2EF43c1D0c88C071d242B6c2D0430e1751607B87, and then 0x2EF43c completed the subsequent fund transfer operations. We @SlowMistTeam, @MistTrackio, and @im23pds are assisting the project team in following up on this investigation."
3. What is UXLINK?
UXLINK was registered in Singapore in 2023 and is an innovative web3 social system designed for mass adoption, allowing users to build social assets and trade cryptocurrencies. It includes a series of highly modular Dapps, from onboarding to graphical formation, group tools to social trading, all seamlessly integrated within Telegram.
March 2023: UXLINK Dapp officially launched on the Telegram platform.
March 2024: Secured $9 million in funding led by OKX Ventures.
May 2024: Secured $5 million in funding led by SevenX, HashKey Capital, and INCE Capital. At the same time, the number of registered users surpassed 10 million, becoming the largest Web3 social platform and infrastructure globally.
July 2024: UXLINK was listed on multiple mainstream trading platforms.
June 2025: UXLINK performed outstandingly on Upbit, with a maximum increase of 17%, becoming the top gainer on the platform.
4. Impact of the UXLINK Theft Incident
1. Economic Losses for UXLINK
As mentioned at the beginning of the article, the theft of UXLINK directly led to a more than 70% drop in the price of UXLINK tokens, and the hacker continues to sell UXLINK on-chain and on various CEX, which will undoubtedly further increase the selling pressure in the market.
The situation is particularly severe as the hacker minted an additional 1 billion UXLINK on-chain, which will directly impact the token's economic model — the original total supply was only 1 billion, and after the minting, the circulating supply doubled, completely diluting the rights of existing holders.
2. Decrease in User Trust in UXLINK
Following this hacker theft incident, user trust in UXLINK has significantly declined. Even with endorsements from previous investors like OKX Ventures, SevenX, and HashKey Capital, users have begun to raise various questions about UXLINK. The X account of UXLINK is filled with inquiries: compensation plans, asset recovery, and other issues that UXLINK needs to address directly.
3. Reflection on the Security of "Multi-Signature Wallets"
Multi-signature wallets require multiple keys to jointly authorize transactions, rather than being controlled by a single user. This mechanism enhances security and prevents unauthorized fund operations. However, the core issue for UXLINK is the "leakage of multi-signature private keys," which indicates that even with "multi-signature" in place, security issues may still exist, such as "private key" leakage. For cryptocurrency projects, more standardized management of private keys and further enhancement of fund security are fundamental guarantees for the long-term development of the project.
Conclusion
Although UXLINK is renowned as the "largest Web3 social platform globally," years of accumulated reputation ultimately cannot withstand a single hacker attack. Whether UXLINK can turn the tide and regain lost user and market confidence will depend on the platform's subsequent asset recovery efforts and user compensation plans, among other specific developments.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
