The hacker who drained UXLINK in a high-profile exploit has mockingly change into a sufferer of crypto crime himself.
On Sept. 23, blockchain safety platform Rip-off Sniffer reported that the attacker misplaced roughly 542 million UXLINK tokens, valued at greater than $50 million, to a phishing scheme executed by one other unhealthy actor.
SlowMist co-founder Yu Xian steered the theft bore the hallmarks of Inferno Drainer, a infamous “draining-as-a-service” (DaaS) supplier recognized for promoting phishing kits and pretend web sites.
Inferno Drainer’s involvement wouldn’t be fully stunning, contemplating the group is accountable for stealing a number of million {dollars} from unsuspecting crypto customers throughout a number of chains.
Contemplating this, Xian mocked the irony of the state of affairs, noting that the hacker fell for fundamental authorization traps just like these he had deployed towards UXLINK.
UXLINK hack
The unique UXLINK breach occurred on Sept. 22, when the AI-powered Web3 social platform was compromised.
Blockchain safety agency Cyvers reported that the breach started when an attacker executed a delegateCall operate to strip admin privileges and add themselves as an proprietor to the platform’s good contract.
This transfer allowed the theft of $4 million in USDT$500,000 in USDC3.7 wrapped Bitcoin, and 25 ETH. The stolen stablecoins had been shortly swapped into DAI, whereas funds moved throughout the Ethereum and Arbitrator networks.
Hours later, a second handle obtained 10 million UXLINK tokens, price about $3 million, and started offloading them by way of decentralized exchanges.
By Sept. 23, the state of affairs had escalated additional. Blockchain analytics platform Lookonchain reported that the attacker minted 2 billion UXLINK tokens and bought giant quantities throughout bEXs and centralized exchanges, netting 6,732 ETH, roughly $28 million.
In response, UXLINK confirmed the exploit and moved to restrict the harm.
The staff said that it was working with exchanges to freeze stolen belongings. It additionally added that it has enlisted the assistance of blockchain safety agency PeckShield, and urged buying and selling platforms to droop UXLINK buying and selling pairs quickly.
It added:
“We are going to promptly provoke a token swap plan to make sure the integrity of our token financial system. Additional particulars and directions for the token swap might be introduced shortly.”
