- UXLINK attackers converted 1,620 ETH to 6.73m DAI on September 24.
- The transaction occurred nearly 48 hours after the initial exploitation.
- Inferno Drainer Phishing Scam has released a $ 43m 542m UXLINK token.
UXLINK hacking occupied another unexpected turn as the attacker after exploitation continued to shuffle the stolen assets to pay cash.
According to the on -chain tracker, the hacker converted 1,620 ETH to Dai Stablecoins on early September 24, reaching $ 6.8 million.
This exercise was the first major shift in the stolen funds after almost 48 hours after the initial exploitation.
But investigators have already lost most of the loot with phishing fraud, adding abnormal twisting to one of the most abuse in recent months.
The attacker converts ETH to Stablecoin
According to blockchain data, the attacker replaced 1,620 ETH with 67.3 million DAI on September 24.
This showed the first important attempt to convert the stolen tokens into a stable asset.
Prior to this transaction, the hacker participated in a heavy fund shuffle ring across several wallets.
This movement used a general laundry tactic to cover the trail by mixing the decentralization and central response exchange.
The fund movement was reported by a warm chain monitoring account including Lookonchain, which confirmed the ethical DAI swap.
This activity suggests that the attacker can test liquidity and off -lamp strategies, despite the high surveillance of exchanges and security companies.
Fishing produced $ 43 million from UXLINK tokens.
Surprisingly, the attacker’s own security mistake caused additional losses.
The investigator found that hackers interact with malicious contracts related to Inferno drainfish phishing groups.
This error allowed a 525 million UXLINK token to be drained directly from the attacker’s wallet.
In the case of UXLINK, a large portion of the stolen tokens is now in the hands of a separate malicious actor.
How to exploit it
The hacking began on September 22 and expanded to the next day.
According to security researchers, the fundamentals of the Exploit were delegates in UXLINK’s multi -sig wallets.
The defect was able to provide assets and present fake tokens without approval by providing access to the attacker level.
The attacker was close to about 10 trillion Krux link tokens in the Arbitrum block chain.
They quickly liquidated the parts with ETH, USDC and other assets, discharging liquidity pools and collapsing token prices more than 70%.
The immediate impact is that the market value has disappeared millions of dollars.
Accordingly, UXLINK contacted the main exchanges to freeze suspicious amounts and partnerships with security companies to track transactions.
But a lot of damage has already been made until these measures were implemented.
Protocol response and recovery effort
UXLINK later introduced emergency measures to rebuild security and market trust.
The team migrated with a newly grateful smart contract that included supplied supply to reduce the risk of unlimited token mining.
This audit has strengthened the protection measures for multi -signatures and contract interactions.
Despite these measures, hackers continue to hold millions of dollars, and recent ETH-to-DAI swaps add new complexity to recovery tracking.
Additional phishing losses make the problem more complicated, leaving uncertainty about how much you can recover.
The prospect of recovery is limited when stolen assets spread over several chains, wallets and malicious actors.