Why UXLINK Hackers’ 14,336 ETH Transfers Raise New Questions for DeFi


Recent activity on the chain shows that the UXLINK exploiter is actively laundering the stolen funds to make them more difficult to trace.

For background, the UXLINK exploit occurred in September 2025. At that time, hackers took over the project’s multi-signature wallet by leveraging the “delegateCall” vulnerability.

They created billions of illegal UXLINK tokens, draining about $4.5 million of cryptocurrency assets. The stolen funds were then transferred between several wallets and exchanged for DAI (a stablecoin pegged to the US dollar) and Ethereum (ETH).

UXLINK exploiter launders stolen funds

After the attack, the hacker exchanged the remaining DAI tokens for approximately 6,000.8 ETH.

Exploit UXLINKExploit UXLINK
Source: Peak Shield Alert/X

After that, the exploiter immediately deposited 6,038 ETH into Tornado Cash after the swap. In fact, in the past two weeks, the attacker deposited 14,336.6 ETH into Tornado Cash.

Recently, the attacker laundered stolen assets by converting millions of DAI into ETH and depositing more than $8.1 million worth of ETH into Tornado Cash.

Mining Express faces a similar problem

Meanwhile, wallets appear to be linked to the defunct Mining Express scheme Redistribution of long-owned assets. The wallet linked to the alleged Ponzi scheme changed its holdings to a more liquid stablecoin by exchanging 5,004 ETH for 8.8 million DAI.

For context, Kaze Fuziyama founded Mining Express in 2019. At the time, the company allegedly defrauded investors with an MLM-based cryptocurrency mining scheme. Shortly after, the company went bankrupt, prompting Ukrainian authorities to conduct further investigations in 2022.

Defunct rapid mining schemeDefunct rapid mining scheme
Source: Specter/X

After receiving 4,512 ETH in 2024, the linked wallet deposited funds via Lido and Ether.fi before being completely phased out in May 2026. Most recently, about $5.1 million of the $7.5 million was moved to Tornado Cash following the Jaredfromsubway.eth MEV bot exploit.

Where is the gap?

It is clear that although the ecosystem facilitates seamless, permissionless asset transfers, it still lacks effective systems to stop or deal with illicit funds once they are in motion. In fact, once there are illicit funds in the DeFi ecosystem, it is still relatively easy to move and hide them.

Therefore, to protect decentralization and user privacy, protocols must enhance cross-network coordination and implement real-time threat detection.


Final summary

  • UXLINK reportedly exchanged the remaining 10.54 million DAI for 6,000.8 ETH, and the wallet linked to Mining Express exchanged 5,004 ETH for 8.8 million DAI.
  • These, along with other exploits and money laundering, reveal a major crack in the DeFi ecosystem.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *