The hacker who drained UXLINK in a high-profile exploit has mockingly turn into a sufferer of crypto crime himself.
On Sept. 23, blockchain safety platform Rip-off Sniffer reported that the attacker misplaced roughly 542 million UXLINK tokens, valued at greater than $50 million, to a phishing scheme executed by one other unhealthy actor.
SlowMist co-founder Yu Xian instructed the theft bore the hallmarks of Inferno Drainer, a infamous “draining-as-a-service” (DaaS) supplier recognized for promoting phishing kits and pretend web sites.
Inferno Drainer’s involvement wouldn’t be fully shocking, contemplating the group is liable for stealing a number of million {dollars} from unsuspecting crypto customers throughout a number of chains.
Contemplating this, Xian mocked the irony of the state of affairs, noting that the hacker fell for primary authorization traps just like these he had deployed in opposition to UXLINK.
UXLINK hack
The unique UXLINK breach occurred on Sept. 22, when the AI-powered Web3 social platform was compromised.
Blockchain safety agency Cyvers reported that the breach started when an attacker executed a delegateCall operate to strip admin privileges and add themselves as an proprietor to the platform’s sensible contract.
This transfer allowed the theft of $4 million in USDT, $500,000 in USDC, 3.7 wrapped Bitcoin, and 25 ETH. The stolen stablecoins have been shortly swapped into DAI, whereas funds moved throughout the Ethereum and Arbitrum networks.
Hours later, a second deal with obtained 10 million UXLINK tokens, price about $3 million, and started offloading them by decentralized exchanges.
By Sept. 23, the state of affairs had escalated additional. Blockchain analytics platform Lookonchain reported that the attacker minted 2 billion UXLINK tokens and offered massive quantities throughout bEXs and centralized exchanges, netting 6,732 ETH, roughly $28 million.
In response, UXLINK confirmed the exploit and moved to restrict the injury.
The group said that it was working with exchanges to freeze stolen property. It additionally added that it has enlisted the assistance of blockchain safety agency PeckShield, and urged buying and selling platforms to droop UXLINK buying and selling pairs briefly.
It added:
“We’ll promptly provoke a token swap plan to make sure the integrity of our token economic system. Additional particulars and directions for the token swap shall be introduced shortly.”