{"id":11503,"date":"2025-09-23T11:22:58","date_gmt":"2025-09-23T11:22:58","guid":{"rendered":"https:\/\/bitunikey.com\/news\/uxlink-exploiter-loses-542m-illegally-minted-tokens-in-phishing-attack\/"},"modified":"2025-09-23T11:23:00","modified_gmt":"2025-09-23T11:23:00","slug":"uxlink-exploiter-loses-542m-illegally-minted-tokens-in-phishing-attack","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/uxlink-exploiter-loses-542m-illegally-minted-tokens-in-phishing-attack\/","title":{"rendered":"UXLINK exploiter loses 542M illegally minted tokens in phishing attack"},"content":{"rendered":"<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">The UXLINK hack has taken an unexpected twist after the exploiter themselves fell victim to a phishing scam, losing over 542 million tokens to the notorious Inferno Drainer group.<\/p>\n<div id=\"cn-block-summary-block_98404e54e9e902b986c1969a847e07e6\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Blockchain security firm ScamSniffer flagged that the exploiter signed a malicious <code>increaseAllowance<\/code> approval, enabling phishing addresses to drain more than $43M in UXLINK tokens.<\/li>\n<li>SlowMist founder Yu Xian said the theft was likely carried out by Inferno Drainer using ordinary authorization phishing methods.<\/li>\n<li>The incident compounds UXLINK\u2019s ongoing crisis, following a $11.3M multi-sig breach and continued unauthorized token minting, with the project now preparing a token swap to restore integrity.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>The UXLINK saga took an unexpected turn as the exploiter\u2019s wallet was targeted in a phishing attack. Approximately 542 million UXLINK tokens were siphoned after the address signed a malicious <code>increaseAllowance<\/code> transaction, blockchain security platform ScamSniffer <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/x.com\/realScamSniffer\/status\/1970322013597450609\">reported<\/a> on Tuesday.<\/p>\n<p>According to on-chain data, the suspicious approval was executed around noon UTC, allowing a phishing contract to drain more than $43 million at market prices, scattered across multiple addresses that investigators have already tagged as malicious.<\/p>\n<figure class=\"wp-block-image size-full\"><figcaption class=\"wp-element-caption\">Source: <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/x.com\/realScamSniffer\/status\/1970322013597450609\">@realScamSniffer<\/a><\/figcaption><\/figure>\n<p>According to Yu Xian, founder of SlowMist, the exploiter likely fell victim to the well-known phishing group Inferno Drainer. In a post on X, Yu <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/x.com\/evilcos\/status\/1970332831890248173\">said<\/a> that \u201cthe approximately 542 million UXLINK tokens stolen earlier may have been phished away by the Inferno Drainer using ordinary authorization phishing methods.\u201d<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\">The <strong>UXLINK fallout<\/strong><\/h2>\n<p>This latest incident follows a multi-sig wallet breach disclosed on Sept. 22, when attackers exploited a <em>delegateCall<\/em> vulnerability to seize administrator rights. That attack saw $11.3 million in assets \u2014 including ETH, WBTC, and stablecoins \u2014 rerouted through Ethereum and Arbitrum. Since then, the exploiter address has continued unauthorized minting of billions of UXLINK tokens and selling them on DEXs and bridging proceeds into ETH.<\/p>\n<p>The project\u2019s token price has plummeted more than 70% since the breach, wiping out nearly $70 million in market value. In response, UXLINK has confirmed plans for a token swap to restore supply integrity and is working with centralized exchanges to suspend deposits and freeze suspicious wallets.<\/p>\n<p>Whether the token swap can fully repair trust in the ecosystem remains to be seen, but today\u2019s phishing exploit highlights a broader vulnerability in crisis situations: once a wallet is compromised, attackers often exploit secondary approvals and allowances to extract even more value. <\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>The UXLINK hack has taken an unexpected twist after the exploiter themselves fell victim to a phishing scam, losing over 542 million tokens to the notorious Inferno Drainer group. Summary&hellip;<\/p>\n","protected":false},"author":1,"featured_media":9547,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-11503","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/11503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=11503"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/11503\/revisions"}],"predecessor-version":[{"id":11504,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/11503\/revisions\/11504"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/9547"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=11503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=11503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=11503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}