AI-powered Web3 social platform and infrastructure UXLink saw its crypto token collapse by over 90% after a malicious actor minted billions of unauthorized tokens.
On Tuesday, the project announced that it had identified a breach involving its multisignature wallet. The company said a significant amount of crypto was being illicitly transferred to centralized and decentralized exchanges (DEXs).
UXLink said it had reached out to exchanges to freeze suspicious deposits and reported the incident to law enforcement. In another update, the company confirmed some of the funds had been frozen with the help of exchanges.
“A large portion of the stolen assets has already been frozen, and collaboration with exchanges remains strong,” UXlink said.
Hacker mints 1 billion UXLINK tokens. Source: EtherscanFrom multisig breach to mass token minting
After confirming the breach, UXLink flagged that the attacker had started the unauthorized minting of tokens.
Blockchain security company PeckShield said the hacker initially minted 1 billion UXLINK tokens, warning traders to refrain from interacting with the crypto asset. PeckShield said the attackers minted another 1 billion tokens after the first mint.
After these initial mints, the hacker kept minting UXLINK tokens. Onchain analysts at Hacken estimated that the hacker minted almost 10 trillion tokens.
Despite the massive mint, Hacken said the attacker swapped 9.95 trillion tokens for 16 Ether (ETH), worth about $67,000. The company estimated overall losses from the incident at more than $30 million.
In response to the unauthorized token mints, UXLink publicly reached out to centralized exchanges (CEXs) to temporarily suspend trading of its token. The company also said it will initiate a token swap plan to protect its ecosystem.
Source: UXLINKPrice crash and twist in the attack
As the security incident transpired, the UXLINK token saw a steep decline, dropping 90% from $0.33 to $0.033. At the time of writing, the token had recovered to $0.11.
UXLINK seven-day price chart. Source: CoinGeckoMeanwhile, onchain analysis company Lookonchain flagged that while the attacker was busy minting tokens, they lost over 500 billion UXLINK tokens through a phishing attack.
Related: Crypto.com says report of undisclosed user data leak ‘unfounded’
UXLink asks users to stay alert and follow official channels
In an update, the company said there were no signs of individual wallets being affected by the attack. However, UXLink urged users to stay alert and follow only the official communication channels as their information source.
The company said it’s working on the token swap plan and will announce it soon. “Further details and instructions for the token swap will be announced shortly,” UXLink wrote.
In its latest update, UXLink said it had submitted a new smart contract for a security audit. The company said the new contract will have a fixed supply, ensuring that no new tokens will ever be created.
The company also said it is preparing a comprehensive incident report in collaboration with its security partners.
Magazine: Thailand’s ‘Big Secret’ crypto hack, Chinese developer’s RWA tokens: Asia Express
Source: https://cointelegraph.com/news/uxlink-token-cruxlink-hack-turns-ironic-attacker-phishedash-hacker-mints-billions?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
