Summary
UXLINK is a Singapore-based Web3 social infrastructure protocol that suffered a critical $11.3 million multisig exploit in September 2025, in which an attacker used deepfake video technology to socially engineer a team member, then minted up to 10 trillion unauthorized tokens — collapsing the token price by over 90%. The project has raised over $15 million from credible VCs including HashKey Capital and SevenX Ventures, but centralization risks in its smart contract architecture and persistent post-hack selling pressure have left the token trading at roughly 99% below its pre-hack highs as of May 2026.
Connected Entities
1 entities- + 3 more
Timeline(16 events)
2022-01-01
UXLINK founded by Mark Wang, Neal Wang, and Abao Wu in Singapore via Happy Fair Pte. Ltd.
2024-05-14
UXLINK closes funding round led by SevenX Ventures, INCE Capital, and HashKey Capital, bringing total disclosed funding to over $15 million.
2025-04-01
UXLINK reports over 50 million registered users and 1.5 million UXLINK token holders.
2025-07-02
South Korea's DAXA announces review of 1,333 tokens across 20 exchanges under new investor protection laws effective July 19, 2025.
2025-07-17
Scheduled 9.17% token supply unlock (37.5 million UXLINK tokens) executed.
2025-09-22
Critical exploit begins: attacker uses deepfake video calls to socially engineer a UXLINK team member, gaining device and Telegram access. Attacker exploits delegateCall vulnerability in multisig Safe wallet to seize admin control, draining approximately $11.3 million in assets.
2025-09-22
Attacker mints up to 10 trillion CRUXLINK tokens on Arbitrum and dumps approximately 490 million tokens on exchanges. UXLINK token price collapses over 90%, from ~$0.33 to ~$0.033.
2025-09-23
DAXA member exchanges Upbit, Bithumb, and Coinone designate UXLINK as a trading caution asset and suspend trading. Upbit freezes $5–7 million in suspicious deposits.
2025-09-23
The UXLINK attacker loses over 542 million stolen UXLINK tokens (valued at approximately $48 million) to the Inferno Drainer phishing group via a malicious increaseAllowance contract.
2025-09-24
Bitunix delists UXLINK. Indonesian exchange Indodax also delists the token.
2025-09-25
UXLINK CEO releases public incident review confirming deepfake social engineering attack vector and denying rug pull. Project announces five-point recovery plan including smart contract rebuild and token migration.
2025-10-01
Community governance vote authorizes early unlock of 8%–12% of token supply to fund user compensation. Investor token vesting unchanged.
2025-10-18
Scheduled 7.08% token supply unlock (70.75 million UXLINK tokens) executed.
2025-10-01
UXLINK submits relisting applications to Upbit, Bithumb, and Coinone.
2026-01-01
Core UXLINK team publicly stakes 10.9 million tokens as a confidence and long-term commitment signal.
2026-04-22
UXLINK token trading at approximately $0.0017, approximately 99.5% below pre-hack price levels.
Decision Log
- hash: 2szvUNm1f6FKp3Whj38UcYP6gQUCgyweVQU46pW2hU1F
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:21 AM
last updated: 5/20/2026, 3:30:50 AM
avoid.net — verified advice for a post-truth world