UXLink Hack Turns Ironic as Attacker Gets Phished Mid-Exploit
In a bizarre twist, hackers who breached the multisignature wallet of AI-powered Web3 social platform and infrastructure UXLink have found themselves on the receiving end of a phishing scam. The breach, which occurred earlier this week, resulted in the theft of approximately $30 million worth of assets and the minting of 10 trillion UXLINK tokens.
According to UXLink, the attacker initially breached the multisignature wallet, siphoning off a significant amount of cryptocurrency to centralized and decentralized exchanges (DEXs). The company promptly notified law enforcement and worked with exchanges to freeze suspicious deposits. In a subsequent update, UXLink confirmed that some of the stolen funds had been successfully frozen.
However, as the security incident unfolded, the attacker took matters into their own hands, minting billions of unauthorized UXLINK tokens on the blockchain. Blockchain security company PeckShield warned traders to steer clear of the crypto asset following the initial token mint, which saw the hacker create 1 billion tokens. Despite this warning, the attacker continued to mint more tokens, eventually producing almost 10 trillion.
Despite their best efforts to cash out the stolen assets, the attackers were left with a surprise in store for them – a phishing scam that would ultimately be their downfall. Onchain analysts at Hacken estimated that the hacker swapped 9.95 trillion UXLINK tokens for 16 Ether (ETH), worth approximately $67,000.
The consequences of this attack have been severe, with UXLink's token price plummeting by over 90% in a matter of hours, dropping from $0.33 to just $0.033. However, the token has since recovered somewhat, trading at around $0.11 as of writing.
Meanwhile, onchain analysis company Lookonchain revealed that while the attacker was busy minting tokens, they lost an astonishing 500 billion UXLINK tokens due to a phishing attack. Thankfully, individual wallets appear to have been unaffected by this attack, although UXLink has urged users to exercise caution and follow official communication channels for further information.
In response to the breach and subsequent token losses, UXLink has announced plans to initiate a token swap plan to protect its ecosystem. The company also submitted a new smart contract for security auditing and is working on a comprehensive incident report in collaboration with its security partners.
"Further details and instructions for the token swap will be announced shortly," UXLink wrote in an update. "The company's commitment to user safety and security remains unwavering, even in the face of adversity."