ExchangeDEX+

Buy Crypto Markets Spot Futures500X Earn Events

The UXLINK hack has taken an unexpected twist after the exploiter themselves fell victim to a phishing scam, losing over 542 million tokens to the notorious Inferno Drainer group. The UXLINK saga took an unexpected turn as the exploiter’s wallet…The UXLINK hack has taken an unexpected twist after the exploiter themselves fell victim to a phishing scam, losing over 542 million tokens to the notorious Inferno Drainer group. The UXLINK saga took an unexpected turn as the exploiter’s wallet…

UXLINK exploiter loses 542M illegally minted tokens in phishing attack

Author: Crypto.news

Source: Crypto.news

2025/09/23 17:23

SAGA$0.05691-2.63%

SCAM$0.00003913-0.05%

WALLET$0.01819+5.32%

The UXLINK hack has taken an unexpected twist after the exploiter themselves fell victim to a phishing scam, losing over 542 million tokens to the notorious Inferno Drainer group.

Summary

Blockchain security firm ScamSniffer flagged that the exploiter signed a malicious increaseAllowance approval, enabling phishing addresses to drain more than $43M in UXLINK tokens.
SlowMist founder Yu Xian said the theft was likely carried out by Inferno Drainer using ordinary authorization phishing methods.
The incident compounds UXLINK’s ongoing crisis, following a $11.3M multi-sig breach and continued unauthorized token minting, with the project now preparing a token swap to restore integrity.

The UXLINK saga took an unexpected turn as the exploiter’s wallet was targeted in a phishing attack. Approximately 542 million UXLINK tokens were siphoned after the address signed a malicious increaseAllowance transaction, blockchain security platform ScamSniffer reported on Tuesday.

According to on-chain data, the suspicious approval was executed around noon UTC, allowing a phishing contract to drain more than $43 million at market prices, scattered across multiple addresses that investigators have already tagged as malicious.

UXLINK exploiter loses 542M illegally minted tokens in phishing attack - 1

According to Yu Xian, founder of SlowMist, the exploiter likely fell victim to the well-known phishing group Inferno Drainer. In a post on X, Yu said that “the approximately 542 million UXLINK tokens stolen earlier may have been phished away by the Inferno Drainer using ordinary authorization phishing methods.”

The UXLINK fallout

This latest incident follows a multi-sig wallet breach disclosed on Sept. 22, when attackers exploited a delegateCall vulnerability to seize administrator rights. That attack saw $11.3 million in assets — including ETH, WBTC, and stablecoins — rerouted through Ethereum and Arbitrum. Since then, the exploiter address has continued unauthorized minting of billions of UXLINK tokens and selling them on DEXs and bridging proceeds into ETH.

The project’s token price has plummeted more than 70% since the breach, wiping out nearly $70 million in market value. In response, UXLINK has confirmed plans for a token swap to restore supply integrity and is working with centralized exchanges to suspend deposits and freeze suspicious wallets.

Whether the token swap can fully repair trust in the ecosystem remains to be seen, but today’s phishing exploit highlights a broader vulnerability in crisis situations: once a wallet is compromised, attackers often exploit secondary approvals and allowances to extract even more value.

Market Opportunity

SAGA Price(SAGA)

$0.05691

$0.05691$0.05691

-3.55%

USD

SAGA (SAGA) Live Price Chart

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.