UXLINK Hacked for $11.3M in Multisig Wallet Exploit- Crypto Hacks Surpasses $3 billion in 2025

• UXLINK has reported a significant security breach involving its multi-signature wallet.

• On-chain trackers flagged outflows totaling approximately $11.3 million across multiple assets.

• 2025 is turning out to be the worst year with hackers running rampant than ever before.

In a significant blow for the crypto market, hackers have exploited UXLINK, extending a year-long period of crypto hacks. In 2025, hackers have exploited various crypto platforms, including Bybit, with a billion in Crypto hacked. In fact, the market reported over $1.93 billion hacked in the first quarter of 2025, positioning the year as the worst year of Crypto regarding rising crime.

UXLINK was hacked for $11.3 million

UXLINK, a social-focused Web3 platform, has reported a significant security breach involving its multi-signature wallet. Blockchain security trackers, including Cyvers Alerts, flagged suspicious outflows totaling approximately $11.3 million across multiple assets, sparking fresh concerns about smart contract security and multisig governance.

How the Exploit Unfolded

According to blockchain data, one Ethereum address executed a delegateCall, a method often used in smart contracts that, if misconfigured, can be exploited. The attacker used this to remove the existing admin role and add a new multisig owner through the function addOwnerWithThreshold.

Once control was secured, the attacker drained assets, $4 million USDT, $500,000 USDC, 3.7 WBTC, and 25 ETH.

Within minutes, another address linked to the exploit received 10 million UXLINK tokens worth ~$3 million. These tokens were quickly moved to exchanges, with around $800K sold immediately, while roughly $2.2 million in tokens remain unswapped at the time of reporting.

Asset Movements After the Attack

Investigators noted that most of the stablecoins were swapped into DAI on the Ethereum network. Meanwhile, funds on Arbitrum were converted from USDT to ETH before being bridged back to Ethereum. These moves suggest an attempt by the attacker to obfuscate the flow of funds and reduce the risk of centralized freezing.

UXLINK's Response

The UXLINK team confirmed the incident, describing it as an unauthorized breach of its multi-signature wallet. In an official statement, the project said it is working with both internal and external security experts to identify the cause of the exploit.

The team has also contacted several centralized and decentralized exchanges in an effort to freeze the suspicious deposits and minimize further losses. UXLINK assured its community that additional updates will follow as the investigation continues.

Security Lessons and Industry Impact

This incident highlights the ongoing risks associated with multisig wallets and innovative contract management. While multisigs are designed to enhance security, improper configurations or vulnerabilities in upgrade functions can provide an entry point for attackers.

With more projects moving large reserves into multisig and DAO-controlled wallets, this breach serves as a reminder that even advanced custody solutions must undergo continuous audits, monitoring, and security reviews.

Importantly, the hack is a major wake-up call for all market players to improve security and invest heavily to protect investors' funds from potential security breaches.

Therefore, with Crypto at an all-time high, it's natural for bad players to seek ways to capitalize, and it's only for firms and other players to work on avoiding such incidents.

Previous: Gold hits record high above $3720