
Briefing

On September 22, 2025, the UXLINK Web3 social infrastructure project suffered a significant security incident involving its multi-signature wallet, resulting in an initial drain of $11.3 million in stablecoins, ETH, and WBTC. Attackers exploited a critical delegateCall vulnerability to seize administrative control, subsequently minting and selling an additional 2 billion UXLINK tokens for approximately $28.1 million, which triggered a 70% price crash and erased nearly $70 million in market capitalization. This exploit underscores the profound systemic risks inherent in multi-signature governance mechanisms if not rigorously secured against sophisticated code manipulation.


Context

Prior to this incident, the DeFi ecosystem had frequently contended with vulnerabilities stemming from inadequately audited smart contracts and centralized administrative control points. The prevailing attack surface often includes complex contract interactions, such as those involving delegateCall functions, which, if improperly implemented, can grant unintended privileges. This class of vulnerability represents a known risk vector where a single point of failure within a protocol’s governance structure can be leveraged for catastrophic asset exfiltration and market destabilization.


Analysis

The incident’s technical mechanics centered on a delegateCall vulnerability within UXLINK’s multi-signature wallet. The attacker executed a delegateCall function to remove existing administrators and install their own address as the new owner, thereby gaining full control over the wallet’s administrative functions. This administrative takeover allowed the perpetrator to drain existing funds and, critically, mint an additional 2 billion unauthorized UXLINK tokens. These newly minted tokens were then rapidly sold across decentralized exchanges, creating a massive supply shock that crashed the token’s value and enabled the attacker to profit further from the market instability.
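The following toy model is an added example, not UXLINK's contract code or anything from the source report. It illustrates why a delegatecall can rewrite a wallet's owner set while a regular call cannot, and how an allowlist plus a post-call invariant check on governance state blocks that. The `Wallet` class, module functions, addresses and storage layout are all hypothetical, and wallet authorization is deliberately left out of scope.

```python
# Toy model of call vs. delegatecall storage context (added illustration).
# Not EVM-accurate and not UXLINK's code; every name here is hypothetical.
import copy

GOVERNANCE_KEYS = ("owners", "threshold")

class Wallet:
    def __init__(self, owners, threshold, allowlist=()):
        self.storage = {"owners": set(owners), "threshold": threshold, "nonce": 0}
        self.allowlist = set(allowlist)  # modules trusted to run in wallet context

    def call(self, module):
        # Regular call: the module writes to its own storage, not the wallet's.
        module({"owners": set(), "threshold": 0, "nonce": 0})

    def delegatecall(self, module):
        # Delegatecall: the module's code writes directly to the wallet's storage.
        module(self.storage)

    def guarded_delegatecall(self, module):
        # Guard 1: refuse any delegatecall target that is not allowlisted.
        if module not in self.allowlist:
            raise PermissionError("delegatecall target not allowlisted")
        # Guard 2: revert if the owner set or threshold changed during the call.
        snapshot = copy.deepcopy(self.storage)
        module(self.storage)
        if any(self.storage[k] != snapshot[k] for k in GOVERNANCE_KEYS):
            self.storage = snapshot
            raise PermissionError("governance state changed; reverted")

def bump_nonce(storage):       # constructed benign module
    storage["nonce"] += 1

def replace_owners(storage):   # constructed module that rewrites governance state
    storage["owners"] = {"0xNEW"}
    storage["threshold"] = 1

def blocked(wallet, module):
    """Return True if the guarded path rejects the module."""
    try:
        wallet.guarded_delegatecall(module)
        return False
    except PermissionError:
        return True

def demo():
    unguarded = Wallet({"0xA", "0xB", "0xC"}, 2)
    unguarded.call(replace_owners)
    owners_after_call = set(unguarded.storage["owners"])
    unguarded.delegatecall(replace_owners)
    guarded = Wallet({"0xA", "0xB", "0xC"}, 2, allowlist={bump_nonce})
    return owners_after_call, unguarded.storage["owners"], blocked(guarded, replace_owners)
```

In a real deployment the allowlist would key on contract address or code hash rather than a Python function object.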


Parameters

  • Protocol Targeted ∞ UXLINK
  • Attack Vector ∞ DelegateCall Exploit in Multi-Signature Wallet
  • Initial Financial Impact ∞ $11.3 Million (stablecoins, ETH, WBTC)
  • Additional Funds Acquired ∞ $28.1 Million (from selling 2 billion newly minted UXLINK tokens)
  • Total Market Capitalization Loss ∞ ~$70 Million
  • Affected Blockchains ∞ Ethereum, Arbitrum
  • Vulnerability Type ∞ Smart Contract Logic Flaw (Multi-signature Governance)
  • Date of Incident ∞ September 22, 2025


Outlook

Immediate mitigation for users involves exercising extreme caution with UXLINK tokens and monitoring official announcements for token swap procedures. This incident will likely establish new security best practices, emphasizing the critical need for comprehensive, independent audits of multi-signature wallet implementations and delegateCall functions. Protocols utilizing similar governance models must conduct urgent security reviews to identify and remediate analogous vulnerabilities, as the contagion risk to other DeFi projects remains a significant concern. Proactive risk management and real-time monitoring are paramount to safeguarding digital assets.

The UXLINK multi-signature wallet exploit serves as a stark reminder that even foundational governance mechanisms remain critical attack vectors, demanding continuous, rigorous security validation to protect ecosystem integrity.

Signal Acquired from ∞ ainvest.com
