The Web3 Heist: How a Crypto Hacker Was Robbed of Their Own Loot
On the morning of September 23, reports emerged of a large-scale attack on the Web3 platform UXLINK. The company confirmed that attackers had siphoned off substantial amounts of cryptocurrency before moving on to the uncontrolled issuance of its native tokens, causing their value to plummet by 70% within a single day.
On the evening of September 22, the UXLINK team disclosed that its multi-signature wallet had been compromised, with assets drained to both centralized and decentralized exchanges. While a portion of the stolen funds was successfully frozen, the attack escalated the following morning: according to the company, the intruders began illegitimately minting new UXLINK tokens. In effect, the attackers were conjuring assets “out of thin air,” dramatically inflating supply.
Experts recorded the creation of at least 2 billion tokens, valued at roughly $183 million at the time of reporting. In response, the platform’s developers appealed to major exchanges to suspend trading of their coin, but the collapse was already underway.
Specialists reported losses exceeding $21.7 million. Further investigation revealed that the attacker’s address had executed a malicious increaseAllowance approval, enabling the transfer of approximately 542 million UXLINK tokens to phishing wallets. The team quickly faced harsh criticism from industry experts, who noted that after the first signs of compromise, developers remained inactive for over 10 hours, giving attackers ample time to return and continue their manipulations.
The incident then took an unexpected twist: according to Lookonchain, the attacker himself fell victim to phishing and lost 542 million UXLINK tokens (around $48 million). While details of this episode remain scarce, the event underscores the fragile and chaotic state of control over assets within the ecosystem — even for those orchestrating the crime.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
