Key Highlights
- The UXLINK hacker recently swapped 5,496 ETH for 11M DAI, likely to preserve capital amid market volatility.
- UXLINK crashed 90% as billions of unauthorized tokens were minted and partially cashed out.
- While the hacker profited nearly $1M on their ETH-DAI trade, they are currently sitting on a $2.68M loss on their Wrapped Bitcoin (WBTC) holdings.
In a significant move to liquidate stolen assets, the UXLINK hacker swapped 5,496 ETH for about 11 million DAI. Security firm PeckShieldAlert flagged the transaction on X, noting that the funds trace back to the UXLINK’s multisignature wallet breach on September 22, 2025, that caused losses exceeding $44 million.
The move shows the hacker aimed to cash out a large chunk of Ethereum into a stablecoin, likely to lock in profits and reduce the risk from ETH’s price swings.
Blockchain analytics firm Lookonchain confirmed, “The UXLINK exploiter sold 5,496 $ETH($11.82M) at an average price of $2,150 in the past 2 hours, making a $935K profit. They still hold 203 $WBTC($14.2M) bought at $83,225 on Jan 30, now down $2.68M.” The exploiter continues to hold substantial WBTC, despite its decline in value.
Token collapse and on-chain fallout
UXLINK’s token plunged more than 90% after the hacker created billions of unauthorized tokens in September 2025. The token now trades around $0.0044, with a 24-hour trading volume of just over $360,000, down almost 99% from its all-time high of $3.75 in December 2024, according to data from CoinMarketCap.
After the breach, the project quickly reached out to centralized exchanges to block suspicious deposits and informed authorities. UXLINK said, “A large portion of the stolen assets has already been frozen, and collaboration with exchanges remains strong.”
Security firm PeckShield reported that the hacker first minted 1 billion UXLINK tokens, then created another billion. On-chain analysts at Hacken estimated the total mint reached nearly 10 trillion tokens, though 9.95 trillion of them were swapped for just 16 ETH, worth roughly $67,000.
In a twist, blockchain tracker Lookonchain flagged that the attacker lost over 500 billion tokens through a phishing attack. UXLINK reminded users to stay alert and rely only on official channels for updates.
Broader crypto security context
The UXLINK hack is an extension of other significant cryptocurrency hacks, such as the Upbit hack, in which over $30 million was stolen. In January, the same hacker was seen moving 1,500 ETH via Tornado Cash, a tool that masks transaction information.
At a broader level, there has been a sanctioning of people involved in North Korea’s IT fraud schemes in the US, which garnered nearly $800 million in 2024. The UXLINK breach serves as a stark reminder that even “secure” multisig wallets are only as strong as the operational security of their signers.
Also Read: UK Cracks Down on Zedxion Linked to Iran’s Revolutionary Guards
