On-chain data reveals that the exploiter of UXLINK has been actively laundering over 14,000 ETH in stolen assets, prompting concerns about the security of decentralized finance (DeFi).

The hack occurred in September 2025, when the attackers exploited a vulnerability in the project's multisignature wallet, resulting in a loss of approximately $4.5 million in crypto assets.

Details of the UXLINK Hack

The hackers manipulated a ‘delegateCall’ flaw to create billions of unauthorized UXLINK tokens, which were subsequently converted into various cryptocurrencies, including DAI, a stablecoin linked to the U.S. dollar.

  • The exploiter swapped DAI tokens for approximately 6,000.8 ETH.
  • In the last two weeks, the hacker has deposited 14,336.6 ETH into Tornado Cash, a mixing service.
  • The total value of the laundered ETH exceeds $8.1 million.

Mining Express Wallet Activity

Separately, wallets related to the defunct Mining Express scheme have also shown significant asset reallocations. The Mining Express, founded by Kaze Fuziyama in 2019, was involved in a Ponzi-like scheme, which led to its bankruptcy.

  • The wallet linked to Mining Express exchanged 5,004 ETH for 8.8 million DAI.
  • A notable transaction saw $5.1 million of the moved funds deposited into Tornado Cash after a previous exploit involving a bot.

Challenges in the DeFi Ecosystem

These incidents underscore the ongoing challenge of preventing the movement of illicit funds within the DeFi landscape. As protocols allow for seamless asset transfers, there remain significant gaps in tracking and mitigating illegal activities.

Effective measures must be implemented to enhance cross-network coordination and real-time monitoring to address these security risks. The recent activities raise critical questions about the integrity of DeFi protocols and their ability to safeguard against financial crimes.

In summary, the UXLINK exploiter's actions, together with the movements from Mining Express wallets, highlight vulnerabilities within DeFi, calling for urgent improvements in the sector's compliance and security measures.