Briefing

A severe security incident has impacted UXLINK, an AI-powered web3 social platform, through a critical vulnerability within its multi-signature wallet system. This exploit granted an unauthorized actor administrative control, facilitating the illicit transfer of approximately $11.3 million in various crypto assets and the subsequent minting of trillions of UXLINK tokens. The incident underscores the profound risks associated with complex smart contract interactions, leading to a precipitous 70% decline in the UXLINK token’s market value and eroding an estimated $2.1 billion in market capitalization.

Context

Prior to this incident, multi-signature wallets were largely perceived as a robust security measure, requiring multiple approvals for transactions. However, the prevailing attack surface for such systems often includes misconfigurations or vulnerabilities in underlying smart contract logic, particularly concerning administrative functions. This class of vulnerability, while known, frequently becomes exploitable when delegateCall mechanisms are not rigorously secured, presenting an inherent risk to decentralized protocols that rely on shared control.

Analysis

The incident commenced on September 22, 2025, when an attacker exploited a delegateCall vulnerability within UXLINK’s multi-signature wallet. This specific weakness enabled the malicious actor to replace the legitimate admin role with their own address, effectively seizing full administrative control over the wallet. Subsequently, the attacker leveraged the addOwnerWithThreshold function to add a new, unauthorized multisig owner, facilitating the direct transfer of $4 million USDT, $500,000 USDC, 3.7 WBTC, and 25 ETH. Beyond direct asset draining, the compromised administrative access also permitted the attacker to mint approximately 10 trillion UXLINK tokens, which were then liquidated on decentralized exchanges for an additional $28.1 million in ETH, further destabilizing the protocol’s tokenomics.

Parameters

  • Protocol Targeted → UXLINK
  • Attack Vector → DelegateCall Vulnerability in Multi-Signature Wallet
  • Total Financial Impact (Drained Assets & Liquidated Minted Tokens) → ~$39.4 Million
  • Initial Assets Drained → $11.3 Million (USDT, USDC, WBTC, ETH)
  • Minted Tokens Liquidated → ~$28.1 Million (from 10 Trillion UXLINK tokens)
  • Blockchains Affected → Ethereum, Arbitrum
  • Key On-chain Actions → Admin role replacement via delegateCall, new multisig owner addition via addOwnerWithThreshold, unauthorized token minting, asset swaps to DAI.
  • Market Impact → UXLINK token price plummeted over 70%, $2.1 Billion market value erosion.

Outlook

Immediate mitigation for users involves exercising extreme caution with UXLINK tokens and refraining from trading on decentralized exchanges due to the compromised supply. Protocols employing multi-signature wallets must undertake rigorous security audits, with a particular focus on delegateCall implementations and access control mechanisms, to prevent similar administrative bypasses. This incident will likely drive new best practices in smart contract auditing, emphasizing the immutable nature of core administrative functions and the need for robust supply control in token contracts. The potential for contagion risk extends to any protocol with similar multi-signature wallet architectures or delegateCall patterns that have not been thoroughly vetted.
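One way to apply that audit focus before signing is a policy check over queued multisig transactions. The sketch below is an added example, not UXLINK's or any wallet vendor's code; it assumes a Safe-style wallet where each proposal carries an `operation` flag (0 = call, 1 = delegatecall) and a decoded method name, and every address, the cap and the field names are constructed placeholders.

```python
from dataclasses import dataclass, field

CALL, DELEGATECALL = 0, 1  # assumed Safe-style `operation` encoding

# Constructed policy values; all addresses are placeholders, not incident data.
WALLET = "0xWALLET"
APPROVED_OWNERS = {"0xOWNER_A", "0xOWNER_B", "0xOWNER_C"}
DELEGATECALL_ALLOWLIST = {"0xAUDITED_LIB"}
OWNER_METHODS = {"addOwnerWithThreshold", "swapOwner", "changeThreshold"}
MIN_THRESHOLD = 2
MINT_CAP = 1_000_000  # hypothetical per-transaction supply cap

@dataclass
class ProposedTx:
    to: str
    operation: int
    method: str  # decoded method name (assumed to come from the signing UI)
    params: dict = field(default_factory=dict)

def review(tx):
    """Return the policy findings for one queued multisig transaction."""
    findings = []
    if tx.operation == DELEGATECALL and tx.to not in DELEGATECALL_ALLOWLIST:
        # delegatecall runs the target's code against the wallet's own storage,
        # so an unvetted target can rewrite owner or admin state.
        findings.append("delegatecall to non-allowlisted target")
    if tx.to == WALLET and tx.method in OWNER_METHODS:
        new_owner = tx.params.get("newOwner", tx.params.get("owner"))
        if new_owner is not None and new_owner not in APPROVED_OWNERS:
            findings.append("owner change adds unapproved address")
        threshold = tx.params.get("_threshold")
        if threshold is not None and threshold < MIN_THRESHOLD:
            findings.append("threshold below policy minimum")
    if tx.method == "mint" and tx.params.get("amount", 0) > MINT_CAP:
        findings.append("mint exceeds supply cap")
    return findings

def review_queue(queue):
    """Map queue index -> findings, keeping only transactions to escalate."""
    return {i: f for i, tx in enumerate(queue) if (f := review(tx))}

# Constructed sample queue.
QUEUE = [
    ProposedTx("0xTOKEN", CALL, "transfer", {"to": "0xPAYEE", "value": 1000}),
    ProposedTx("0xUNVETTED", DELEGATECALL, "unknown"),
    ProposedTx(WALLET, CALL, "addOwnerWithThreshold",
               {"owner": "0xNEW", "_threshold": 1}),
    ProposedTx("0xTOKEN", CALL, "mint", {"to": "0xNEW", "amount": 10**13}),
]

if __name__ == "__main__":
    for index, findings in review_queue(QUEUE).items():
        print(index, findings)
```

A check like this only helps if signers see its output before approving; it does not replace on-chain guards or an audit of the wallet contract itself.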

The UXLINK multi-signature wallet exploit serves as a stark reminder that even established security paradigms are vulnerable to sophisticated smart contract flaws, necessitating continuous, granular auditing of all administrative and minting functionalities to safeguard digital assets.

Signal Acquired from → Live Bitcoin News

administrative control

Definition ∞ Administrative control denotes the authority an individual or entity possesses over a digital system, protocol, or asset.

multi-signature

Definition ∞ Multi-signature, often abbreviated as multisig, is a type of digital signature that requires more than one cryptographic key to authorize a transaction.

delegatecall vulnerability

Definition ∞ A delegatecall vulnerability is a critical security flaw specific to Ethereum smart contracts that utilize the delegatecall opcode.

protocol

Definition ∞ A protocol is a set of rules governing data exchange or communication between systems.

multi-signature wallet

Definition ∞ A multi-signature wallet is a type of digital wallet that requires multiple private keys to authorize a transaction.

assets

Definition ∞ A digital asset represents a unit of value recorded on a blockchain or similar distributed ledger technology.

eth

Definition ∞ ETH is the native cryptocurrency of the Ethereum blockchain.

tokens

Definition ∞ Tokens are digital units of value or utility that are issued on a blockchain and represent an asset, a right, or access to a service.

token minting

Definition ∞ Token minting is the process by which new digital tokens are created and introduced into circulation on a blockchain.

market value

Definition ∞ Market value represents the current worth of an asset as determined by supply and demand in the open marketplace.

decentralized exchanges

Definition ∞ Decentralized exchanges, often abbreviated as DEXs, are platforms that allow users to trade cryptocurrencies directly with each other without an intermediary.