UXLink updates smart contract after $30 million exploit
Experts cited centralized management as one of the reasons for the hack
24.09.2025 - 12:55
281
3 min
0
Key points:
- The UXLink project is launching a new Ethereum smart contract.
- The hack of the UXLink multi-signature wallet led to the issuance of 10 trillion tokens and a 90% drop in price.
- The project has updated the contract, which does not include the risky mint-burn function.
Decentralized social platform UXLink has announced the launch of a new Ethereum contract after a multi-signature wallet exploit allowed attackers to issue unauthorized UXLINK tokens and crash the value of its native asset.
UXLink said its new smart contract has passed a security audit and will be deployed on the Ethereum mainnet. It lacks a mint-burn feature to prevent similar incidents in the future.
On September 23, the project confirmed the hack, stating that a significant amount of cryptocurrency had been transferred to exchanges. Cyvers Alerts estimates the damage at no less than $11 million, while Hacken estimates it at over $30 million.
The UXLink exploit revealed the risks of centralized management
Hackers gained control of the UXLink smart contract by hacking a multi-signature wallet and initially issued 2 billion UXLINK. The token price fell 90% from $0,33 to $0,033 while the attacker continued to issue tokens. According to Hacken’s estimates, nearly 10 trillion tokens were issued. According to CoinGecko, at the time of writing, the UXLINK price had recovered to $0,09.
Источник: CoinGeckoFearsOff CEO Marwan Hachem commented on the incident:
“This really spotlights some design flaws in UXLink’s setup. A multisignature wallet that wasn’t properly shielded from delegate call exploits, lax controls on who could mint, and no built-in code to enforce the supply cap.”
According to him, this case shows how risky it is to “maintain overly centralized control in projects that claim to be decentralized.”
Protection tips
From a technical standpoint, according to Hachem, the UXLink hack could have been avoided by implementing several standard security measures:
- adding timelocks to sensitive actions such as issuing new tokens or changing contract ownership;
- revoking the right to issue tokens after they are launched, so that even insiders cannot create them again;
- from an operational standpoint, Hachem emphasized the importance of independent audits and constant transparency.
Hachem added that even multi-signature wallets cannot be considered completely secure. He also noted the paramount importance of decentralized governance and emergency shutdowns of critical functions.
Useful material?
Telegram 
Twitter Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Cryptocurrency rates
-
Bitcoin
$62 706
BTC
-1.92%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.11
XRP
-1.73%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.078848
DOGE
-4.27%
-
Zcash
$415.91
ZEC
-5.99%
-
Stellar XLM
$0.195063
XLM
-3.47%
-
Cardano
$0.151374
ADA
-4.46%
-
Polkadot
$3.32
DOT
+5.27%