UXLINK Hack Drains $11M, Token Plunges 70% in Multisig Attack
On September 22, the UXLINK hack exploited a multisignature wallet flaw to gain admin rights and siphon roughly $11 million in USDT, USDC, WBTC and ETH. The attacker converted funds to DAI on Ethereum, swapped Arbitrum USDT for ETH, and bridged assets on-chain. Next, about 1–2 billion UXLINK tokens were minted on Arbitrum, with nearly 490–542 million dumped across DEXs and CEXs, triggering a token crash from $0.30 to $0.09—a 70% plunge that erased over $70 million in market cap. Exchanges like Upbit froze $5–7 million in suspect deposits, but approximately 6,732 ETH (≈$28 million) remains in attacker wallets. In an ironic twist, the hacker fell victim to a phishing scheme (Inferno Drainer) and lost about 542 million UXLINK (~$48 million). UXLINK has engaged law enforcement and security firms, launched a token swap to restore trust, and warned users to avoid unauthorized tokens. The UXLINK hack underscores persistent multisig vulnerabilities and the need for rigorous smart contract audits and stronger DeFi security frameworks.
Bearish
The UXLINK hack caused a swift 70% plunge in the UXLINK token price and wiped out over $70 million in market cap, signaling strong bearish sentiment. Immediate forced selling of newly minted tokens and the loss of user confidence are likely to maintain downward pressure on UXLINK’s price in the short term. Meanwhile, although token freezes and swap measures may partially restore trust, the exposed multisig vulnerability and phishing fallout will deter investors until comprehensive smart contract audits and security hardening are completed, sustaining a bearish outlook.