The hacker who drained UXLINK in a high-profile exploit has mockingly turn into a sufferer of crypto crime himself.
On Sept. 23, blockchain safety platform Rip-off Sniffer reported that the attacker misplaced roughly 542 million UXLINK tokens, valued at greater than $50 million, to a phishing scheme executed by one other unhealthy actor.
SlowMist co-founder Yu Xian steered the theft bore the hallmarks of Inferno Drainer, a infamous “draining-as-a-service” (DaaS) supplier recognized for promoting phishing kits and pretend web sites.
Inferno Drainer’s involvement wouldn’t be solely shocking, contemplating the group is accountable for stealing a number of million {dollars} from unsuspecting crypto customers throughout a number of chains.
Contemplating this, Xian mocked the irony of the scenario, noting that the hacker fell for primary authorization traps much like these he had deployed in opposition to UXLINK.
UXLINK hack
The unique UXLINK breach occurred on Sept. 22, when the AI-powered Web3 social platform was compromised.
Blockchain safety agency Cyvers reported that the breach started when an attacker executed a delegateCall operate to strip admin privileges and add themselves as an proprietor to the platform’s sensible contract.
This transfer allowed the theft of $4 million in USDT, $500,000 in USDC, 3.7 wrapped Bitcoin, and 25 ETH. The stolen stablecoins had been rapidly swapped into DAI, whereas funds moved throughout the Ethereum and Arbitrum networks.
Hours later, a second tackle acquired 10 million UXLINK tokens, price about $3 million, and commenced offloading them by way of decentralized exchanges.
By Sept. 23, the scenario had escalated additional. Blockchain analytics platform Lookonchain reported that the attacker minted 2 billion UXLINK tokens and offered massive quantities throughout bEXs and centralized exchanges, netting 6,732 ETH, roughly $28 million.
In response, UXLINK confirmed the exploit and moved to restrict the injury.
The staff acknowledged that it was working with exchanges to freeze stolen property. It additionally added that it has enlisted the assistance of blockchain safety agency PeckShield, and urged buying and selling platforms to droop UXLINK buying and selling pairs briefly.
It added:
“We’ll promptly provoke a token swap plan to make sure the integrity of our token financial system. Additional particulars and directions for the token swap will likely be introduced shortly.”
Talked about on this article
