Briefing

A severe security incident has impacted UXLINK, an AI-powered web3 social platform, through a critical vulnerability within its multi-signature wallet system. This exploit granted an unauthorized actor administrative control, facilitating the illicit transfer of approximately $11.3 million in various crypto assets and the subsequent minting of trillions of UXLINK tokens. The incident underscores the profound risks associated with complex smart contract interactions, leading to a precipitous 70% decline in the UXLINK token’s market value and eroding an estimated $2.1 billion in market capitalization.

Context

Prior to this incident, multi-signature wallets were largely perceived as a robust security measure, requiring multiple approvals for transactions. However, the prevailing attack surface for such systems often includes misconfigurations or vulnerabilities in underlying smart contract logic, particularly concerning administrative functions. This class of vulnerability, while known, frequently becomes exploitable when delegateCall mechanisms are not rigorously secured, presenting an inherent risk to decentralized protocols that rely on shared control.

Analysis

The incident commenced on September 22, 2025, when an attacker exploited a delegateCall vulnerability within UXLINK’s multi-signature wallet. This specific weakness enabled the malicious actor to replace the legitimate admin role with their own address, effectively seizing full administrative control over the wallet. Subsequently, the attacker leveraged the addOwnerWithThreshold function to add a new, unauthorized multisig owner, facilitating the direct transfer of $4 million USDT, $500,000 USDC, 3.7 WBTC, and 25 ETH. Beyond direct asset draining, the compromised administrative access also permitted the attacker to mint approximately 10 trillion UXLINK tokens, which were then liquidated on decentralized exchanges for an additional $28.1 million in ETH, further destabilizing the protocol’s tokenomics.

Parameters

  • Protocol Targeted ∞ UXLINK
  • Attack Vector ∞ DelegateCall Vulnerability in Multi-Signature Wallet
  • Total Financial Impact (Drained Assets & Liquidated Minted Tokens) ∞ ~$39.4 Million
  • Initial Assets Drained ∞ $11.3 Million (USDT, USDC, WBTC, ETH)
  • Minted Tokens Liquidated ∞ ~$28.1 Million (from 10 Trillion UXLINK tokens)
  • Blockchains Affected ∞ Ethereum, Arbitrum
  • Key On-chain Actions ∞ Admin role replacement via delegateCall, new multisig owner addition via addOwnerWithThreshold, unauthorized token minting, asset swaps to DAI.
  • Market Impact ∞ UXLINK token price plummeted over 70%, $2.1 Billion market value erosion.

Outlook

Immediate mitigation for users involves exercising extreme caution with UXLINK tokens and refraining from trading on decentralized exchanges due to the compromised supply. Protocols employing multi-signature wallets must undertake rigorous security audits, with a particular focus on delegateCall implementations and access control mechanisms, to prevent similar administrative bypasses. This incident will likely drive new best practices in smart contract auditing, emphasizing the immutable nature of core administrative functions and the need for robust supply control in token contracts. The potential for contagion risk extends to any protocol with similar multi-signature wallet architectures or delegateCall patterns that have not been thoroughly vetted.
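The sequence described in the Analysis (admin replacement through delegateCall, then addOwnerWithThreshold, then transfers) and the audit focus recommended above can be expressed as a check over a wallet's executed-transaction history. The following is an added example, not code from UXLINK or the original article; the record schema, the Safe-style operation flag (0 = call, 1 = delegatecall), the `batch` method label, and all addresses are assumptions constructed for illustration.

```python
CALL, DELEGATECALL = 0, 1  # assumed per-transaction operation flag (Safe-style)
OWNER_METHODS = {"addOwnerWithThreshold", "removeOwner", "swapOwner", "changeThreshold"}

def audit_multisig_history(txs, approved_owners, approved_delegate_targets, min_threshold):
    """Scan decoded multisig transactions; return (nonce, rule, detail) findings."""
    owners = {o.lower() for o in approved_owners}
    targets = {t.lower() for t in approved_delegate_targets}
    findings, tainted = [], False
    for tx in sorted(txs, key=lambda t: t["nonce"]):
        if tx["operation"] == DELEGATECALL and tx["to"].lower() not in targets:
            # Foreign code ran in the wallet's storage context, so admin, owner and
            # threshold slots may have changed without any owner-management call.
            tainted = True
            findings.append((tx["nonce"], "unapproved-delegatecall", tx["to"].lower()))
            continue
        method, args = tx.get("method"), tx.get("args", {})
        if method in OWNER_METHODS:
            owner = args.get("owner", "").lower()
            if method == "addOwnerWithThreshold" and owner not in owners:
                findings.append((tx["nonce"], "unknown-owner-added", owner))
            if "threshold" in args and args["threshold"] < min_threshold:
                findings.append((tx["nonce"], "threshold-below-policy", str(args["threshold"])))
        if tainted:
            # Anything executed after the delegatecall was authorised by state that
            # can no longer be trusted; re-read owners and threshold from chain.
            findings.append((tx["nonce"], "executed-after-taint", method or "unknown"))
    return findings

# Constructed sample history; addresses are placeholders, not values from the incident.
WALLET = "0x" + "aa" * 20
SIGNER_1, SIGNER_2 = "0x" + "01" * 20, "0x" + "02" * 20
APPROVED_LIB = "0x" + "b1" * 20
UNKNOWN_LIB, UNKNOWN_OWNER = "0x" + "c2" * 20, "0x" + "d3" * 20
SAMPLE_TXS = [
    {"nonce": 7, "to": APPROVED_LIB, "operation": DELEGATECALL, "method": "batch"},
    {"nonce": 8, "to": UNKNOWN_LIB, "operation": DELEGATECALL, "method": None},
    {"nonce": 9, "to": WALLET, "operation": CALL, "method": "addOwnerWithThreshold",
     "args": {"owner": UNKNOWN_OWNER, "threshold": 1}},
    {"nonce": 10, "to": "0x" + "e4" * 20, "operation": CALL, "method": "transfer"},
]

def run_sample():
    # Policy for the sample: two known signers, one approved library, threshold >= 2.
    return audit_multisig_history(SAMPLE_TXS, [SIGNER_1, SIGNER_2], [APPROVED_LIB], 2)
```
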

The UXLINK multi-signature wallet exploit serves as a stark reminder that even established security paradigms are vulnerable to sophisticated smart contract flaws, necessitating continuous, granular auditing of all administrative and minting functionalities to safeguard digital assets.

Signal Acquired from ∞ Live Bitcoin News

Micro Crypto News Feeds

administrative control

Definition ∞ Administrative control denotes the authority an individual or entity possesses over a digital system, protocol, or asset.

multi-signature

Definition ∞ Multi-signature, often abbreviated as multisig, is a type of digital signature that requires more than one cryptographic key to authorize a transaction.

delegatecall vulnerability

Definition ∞ A delegatecall vulnerability is a critical security flaw specific to Ethereum smart contracts that utilize the delegatecall opcode.

protocol

Definition ∞ A protocol is a set of rules governing data exchange or communication between systems.

multi-signature wallet

Definition ∞ A multi-signature wallet is a type of digital wallet that requires multiple private keys to authorize a transaction.

assets

Definition ∞ A digital asset represents a unit of value recorded on a blockchain or similar distributed ledger technology.

eth

Definition ∞ ETH is the native cryptocurrency of the Ethereum blockchain.

tokens

Definition ∞ Tokens are digital units of value or utility that are issued on a blockchain and represent an asset, a right, or access to a service.

token minting

Definition ∞ Token minting is the process by which new digital tokens are created and introduced into circulation on a blockchain.

market value

Definition ∞ Market value represents the current worth of an asset as determined by supply and demand in the open marketplace.

decentralized exchanges

Definition ∞ Decentralized exchanges, often abbreviated as DEXs, are platforms that allow users to trade cryptocurrencies directly with each other without an intermediary.