
Briefing

On September 22, 2025, the UXLINK multi-signature wallet suffered a critical exploit, resulting in an estimated $11.3 million loss of digital assets. Attackers leveraged a delegate call vulnerability to seize administrative control, enabling unauthorized fund transfers and the minting of 10 trillion UXLINK tokens, which caused a 70% price collapse and eroded $2.1 billion in market value. This incident highlights the profound systemic risk associated with misconfigured smart contract functions in multi-signature architectures.


Context

Prior to this incident, multi-signature wallets were generally considered a robust security measure, requiring multiple approvals for transactions. However, the prevailing attack surface included the inherent complexity of delegate call functions and the potential for misconfiguration, which could undermine the intended security guarantees. This class of vulnerability often arises when contract logic grants excessive privileges or fails to properly validate external calls, creating an exploitable pathway for adversaries.


Analysis

The incident’s technical mechanics centered on a delegate call vulnerability within UXLINK’s multi-signature wallet, specifically targeting the addOwnerWithThreshold function. The attacker exploited this flaw to remove legitimate admin privileges and replace them with their own address, effectively gaining full control over the wallet. This administrative access then facilitated unauthorized transfers, draining approximately $4 million in USDT, $500,000 in USDC, 3.7 WBTC, and 25 ETH. Concurrently, the attacker minted 10 trillion counterfeit UXLINK tokens on the Arbitrum blockchain, which were then partially liquidated, destabilizing the market and causing a severe price crash.
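A pre-signing check that a co-signer could run against a proposed multisig transaction, covering the two behaviours described above: a delegate call and a change to the owner set. This is an added example, not UXLINK's code or code from the original report. It assumes a Safe-style wallet whose decoded proposals carry an operation code (0 = call, 1 = delegatecall) and the owner-management methods addOwnerWithThreshold, removeOwner, swapOwner and changeThreshold; the page itself names only addOwnerWithThreshold, and all addresses are constructed placeholders.

```python
from dataclasses import dataclass, field

CALL, DELEGATECALL = 0, 1  # operation codes in the assumed Safe-style wallet model

@dataclass
class Proposal:  # a decoded multisig transaction awaiting signatures
    to: str
    operation: int
    method: str = ""
    args: dict = field(default_factory=dict)

def review(wallet, owners, threshold, p, delegate_allowlist=()):
    """Return findings a co-signer should resolve before approving proposal p."""
    findings = []
    known = {o.lower() for o in owners}
    # A delegatecall runs the target's code with the wallet's own storage and authority.
    if p.operation == DELEGATECALL and p.to.lower() not in {t.lower() for t in delegate_allowlist}:
        findings.append("delegatecall to a target outside the allowlist")
    if p.to.lower() != wallet.lower():
        return findings
    # Self-call: simulate the effect of owner-management methods on the owner set.
    after, new_threshold = set(known), threshold
    if p.method == "addOwnerWithThreshold":
        after.add(p.args["owner"].lower())
        new_threshold = p.args["_threshold"]
    elif p.method == "removeOwner":
        after.discard(p.args["owner"].lower())
        new_threshold = p.args["_threshold"]
    elif p.method == "swapOwner":
        after.discard(p.args["oldOwner"].lower())
        after.add(p.args["newOwner"].lower())
    elif p.method == "changeThreshold":
        new_threshold = p.args["_threshold"]
    else:
        return findings
    if after - known:
        findings.append("adds an owner not in the current owner set")
    if new_threshold < threshold:
        findings.append(f"lowers threshold from {threshold} to {new_threshold}")
    if len(after & known) < threshold:
        findings.append("fewer current owners remain than the current threshold")
    return findings

# Constructed sample data: placeholder addresses, not taken from the incident.
WALLET, OWNERS = "0xWALLET", ["0xA1", "0xB2", "0xC3"]
SAMPLES = [
    Proposal(to="0xD4", operation=DELEGATECALL),
    Proposal(to=WALLET, operation=CALL, method="addOwnerWithThreshold",
             args={"owner": "0xE5", "_threshold": 1}),
    Proposal(to="0xF6", operation=CALL, method="transfer"),
]

def run_samples():
    return [review(WALLET, OWNERS, 2, p) for p in SAMPLES]
```

The check works on decoded proposals only; owner changes performed inside delegated code do not appear as a method name, which is why any delegate call outside the allowlist is flagged on its own.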


Parameters

  • Protocol Targeted ∞ UXLINK
  • Attack Vector ∞ Delegate Call Vulnerability (Multi-signature Wallet)
  • Financial Impact ∞ $11.3 Million (total estimated loss)
  • Affected Assets ∞ USDT, USDC, WBTC, ETH, UXLINK tokens
  • Affected Blockchain ∞ Arbitrum
  • Token Price Impact ∞ 70% collapse, $2.1 Billion market value eroded
  • Exploit Date ∞ September 22-23, 2025


Outlook

Immediate mitigation for affected users involved UXLINK’s implementation of a token swap to restore supply integrity, while broader implications necessitate a re-evaluation of multi-signature wallet security. This incident will likely establish new security best practices, emphasizing mandatory smart contract audits, enhanced wallet security measures, and robust collaboration frameworks with exchanges to freeze illicit assets. Protocols must prioritize a “security-first” mindset, investing in continuous audits and bug bounty programs to preempt similar delegate call vulnerabilities.

The UXLINK exploit serves as a critical reminder that even established security primitives like multi-signature wallets are susceptible to sophisticated smart contract vulnerabilities, underscoring the urgent need for continuous auditing and rigorous access control validation across the digital asset landscape.

Signal Acquired from ∞ ainvest.com

Micro Crypto News Feeds

administrative control

Definition ∞ Administrative control denotes the authority an individual or entity possesses over a digital system, protocol, or asset.

multi-signature

Definition ∞ Multi-signature, often abbreviated as multisig, is a type of digital signature that requires more than one cryptographic key to authorize a transaction.

multi-signature wallet

Definition ∞ A multi-signature wallet is a type of digital wallet that requires multiple private keys to authorize a transaction.

delegate call

Definition ∞ A delegate call represents a specialized instruction within Ethereum smart contracts, permitting one contract to execute code from another contract.

assets

Definition ∞ A digital asset represents a unit of value recorded on a blockchain or similar distributed ledger technology.

blockchain

Definition ∞ A blockchain is a distributed, immutable ledger that records transactions across numerous interconnected computers.

market value

Definition ∞ Market value represents the current worth of an asset as determined by supply and demand in the open marketplace.

exploit

Definition ∞ An exploit refers to the malicious utilization of a security flaw or vulnerability within a protocol, smart contract, or application to gain unauthorized access, steal assets, or disrupt operations.

wallet security

Definition ∞ Wallet security refers to the measures and practices implemented to protect digital wallets, which store private keys for accessing and managing digital assets.