UXLINK multisignature Wallet attacked: Token big dump 77%, hacker trapped nearly 30 million USD

The social finance platform UXLINK has encountered a severe security vulnerability, resulting in the breach of its multisignature Wallet and a large amount of unauthorized Token minting, triggering a panic selling in the market. The price of UX Token plummeted from $0.3 to $0.072 after the incident was disclosed, a decline of 77%, before slightly rebounding to over $0.1. This incident has once again sparked discussions regarding the security mechanisms of Crypto Assets, particularly the reliability of multisignature Wallets.

Attack Details: How Hackers Bypass Multisignature Protection

(Source: Cyvers Alerts)

According to an alert first issued by the blockchain security company Cyvers Alerts, abnormal trading activities have occurred on the UXLINK platform, with initial estimates of losses around $11.3 million. However, as the investigation deepens, analysis by Lookonchain indicates that the actual losses may be even more severe.

The hacker's attack methods are extremely sophisticated:

· First acquired 490 million UXLINK Tokens

· Subsequently, an additional 2 billion UXLINK were minted using the obtained permissions.

· A large dumping through six different wallet addresses on a decentralized exchange (DEX)

· Successfully cashed out 6,732 ETH (approximately 28.1 million USD)

· And continue dumping on centralized exchanges (CEX)

This type of attack pattern is particularly concerning because multisignature wallets are generally considered a safer option than single private key wallets. Multisignature requires multiple authorized parties to jointly approve a transaction, which theoretically can effectively prevent single points of failure. However, this incident indicates that even such advanced security mechanisms have exploitable vulnerabilities.

UXLINK Team Emergency Response Measures

The UXLINK team quickly took a series of response measures after confirming the security vulnerabilities:

· Contact major centralized exchanges to suspend UXLINK trading

· Collaborated with security experts such as PeckShield to investigate the incident.

· Report this attack to law enforcement agencies

· Announce the launch of the Token swap plan to maintain the integrity of the token economy.

· Announcement to warn community members to suspend trading UXLINK on DEX.

In the latest security notice, the UXLINK team stated: “Most of the stolen assets have been frozen, and cooperation with the exchange remains strong. There are currently no signs that individual user Wallets have become targets of the attack.”

The security of multisignature Wallet is questioned

This incident has sparked widespread discussion about the security of multisignature wallets. Multisignature (MultiSig) technology is designed to require multiple private key holders to jointly authorize transactions, which should theoretically be more secure than single signature wallets.

However, security experts point out that multisignature Wallets may have the following vulnerabilities:

Poor key management: If multiple keys are stored in similar or related systems.

Social engineering attacks: targeted attacks against key holders

Smart Contract Vulnerabilities: Code Defects in Multisignature Implementation

Internal Threats: Collusion Among Authorized Signers

The security advisor for Crypto Assets, Alex Mathers, stated: “The security of a multisignature Wallet depends on how it is implemented and the key management process. Even the most advanced security systems can be compromised if not implemented correctly or if there are human factors involved.”

Market Reaction and Investor Losses

The big dump of the UXLINK Token price has caused significant losses for investors. Before the incident, UXLINK was gaining market attention as a social finance platform, with its Token having risen more than 200% in the past three months.

However, this security incident caused a market value evaporation of over 70 million dollars within a few hours. Many investors expressed concerns about the project's future on social media, particularly regarding the details and timeline of the Token swap plan.

A large holder who prefers to remain anonymous stated: “This security vulnerability has dealt a serious blow to the trust in the entire project. Even if the Token swap plan is implemented smoothly, restoring market confidence will be a long process.”

The frequent warnings of security incidents in Crypto Assets

The security incidents of UXLINK are not isolated cases. Since 2023, the cryptocurrency industry has experienced multiple significant security incidents, with total losses exceeding 1 billion USD. These incidents include various forms such as smart contract vulnerabilities, cross-chain bridge attacks, flash loan attacks, and private key leaks.

Data from the blockchain security company Chainalysis shows that cryptocurrency theft incidents increased by 30% in the third quarter of 2023 compared to the previous quarter, with multisignature wallets and DeFi protocols becoming the main targets of attacks.

Security experts recommend that project parties and investors take the following measures:

· Regularly conduct smart contract audits

· Implement multi-layered security protection

· Use cold Wallet to store a large amount of assets

· Restrict smart contract permissions

· Establish an effective security incident response mechanism

The Future Development of UXLINK

The UXLINK team stated that they will continue to work with security experts to investigate this incident and have committed to enhancing the platform's security standards. Details of the token swap plan will be announced through official channels in the coming days.

For investors holding UXLINK tokens, the team recommends:

· Suspend trading of UXLINK Token on any platform

· Follow official channels for the latest information

· Do not share wallet information with unverified third parties.

· Waiting for the official guide of the Token swap plan

Despite facing severe challenges, the UXLINK team stated that they will be committed to rebuilding community trust and strengthening the platform's security infrastructure. However, market analysts pointed out that project recoveries after similar security incidents typically take months or even years, and the success rate depends on the team's transparency and responsiveness.