UXLINK Hacker Continues to Offload Stolen Funds
The UXLINK hack saga continues as the attacker converts more stolen assets. On-chain data shows the hacker recently converted about 1,620 ETH into DAI stablecoins, worth around $6.8 million.This is the first major cash-out attempt since the exploit.
The hacker has been shuffling funds across various wallets and exchanges to cover their tracks. Though, they faced a setback when they lost a significant portion of the stolen tokens to a phishing attack. The Inferno Drainer group drained 542 million UXLINK tokens, valued at roughly $43 million.
Despite these losses, the attacker still holds millions in assorted assets. The UXLINK hack began on September 22, exploiting a delegate call vulnerability in the project’s multi-signature wallet. This allowed the attacker to mint nearly 10 trillion CRUXLINK tokens on the Arbitrum blockchain and liquidate them for ETH and USDC.
UXLINK responded by alerting exchanges to freeze suspicious transactions and working with security firms. They also deployed emergency measures, including a token migration to a newly audited smart contract with a capped supply.
The latest asset conversions complicate recovery efforts. It remains unclear if the hacker will make more moves in the near future.
