Why the UXLINK hacker’s 14,336 ETH transfers raise fresh questions for DeFi

ambcrypto发布于2026-07-05更新于2026-07-05

文章摘要

Recent on-chain activity reveals the UXLINK exploiter is actively laundering stolen funds, complicating tracing efforts. The September 2025 hack, which exploited a 'delegateCall' vulnerability to steal roughly $4.5 million, involved converting illicit assets into DAI and Ethereum. Recently, the attacker swapped over 10 million DAI for approximately 6,000.8 ETH and has deposited a total of 14,336.6 ETH into the privacy mixer Tornado Cash in recent weeks, including over $8.1 million worth in a single move. Simultaneously, wallets connected to the defunct Mining Express Ponzi scheme have been converting long-held assets, swapping 5,004 ETH for 8.8 million DAI. Following a separate exploit of the Jaredfromsubway.eth MEV bot, about $5.1 million was also routed to Tornado Cash. These incidents underscore a critical vulnerability in DeFi: while enabling permissionless transfers, the ecosystem lacks effective mechanisms to halt or manage illicit funds once in motion, allowing them to be moved and concealed relatively easily. This highlights the need for strengthened cross-network coordination and real-time threat detection to better safeguard the space.

Recent on‐chain activity shows the UXLINK exploiter actively laundering stolen funds to make them harder to trace.

For background, the UXLINK exploit occurred in September 2025. At the time, the hackers took over the project’s multisignature wallet by taking advantage of a ‘delegateCall’ vulnerability.

They created billions of illegal UXLINK tokens, draining about $4.5 million in cryptocurrency assets. The stolen money was then transferred between several wallets and exchanged for DAI (a stablecoin that is pegged to the U.S. dollar) and Ethereum [ETH].

UXLINK exploiter launders stolen funds

After the attack, the hacker exchanged the remaining DAI tokens for about 6,000.8 ETH.

Source: PeckShieldAlert/X

Following which, the exploiter immediately deposited 6,038 ETH into Tornado Cash following the swap. In fact, in the past two weeks, the attacker has deposited 14,336.6 ETH into Tornado Cash.

Most recently, the attacker laundered stolen assets by converting millions of DAI into ETH and depositing more than $8.1 million worth of ETH into Tornado Cash.

Mining Express faces a similar issue

At the same time, wallets associated with the defunct Mining Express scheme appear to be reallocating long-held assets. The wallet linked to the purported Ponzi scheme changed its holdings into a more liquid stablecoin by exchanging 5,004 ETH for 8.8 million DAI.

For context, Kaze Fuziyama founded Mining Express in 2019. Back then the company allegedly deceived investors with an MLM-based cryptocurrency mining scheme. Soon after that, the company went bankrupt, which pushed the Ukrainian authorities for further investigation in 2022.

Source: Specter/X

After receiving 4,512 ETH in 2024, the associated wallet staked funds via Lido and Ether.fi before fully unstaking them in May 2026. More recently, about $5.1 million of the $7.5 million was moved to Tornado Cash following the exploitation of the Jaredfromsubway.eth MEV bot.

Where is the gap?

It’s evident that although the ecosystem facilitates smooth, permissionless asset transfers, it still lacks efficient systems to stop or deal with illegal funds once they are in motion. In fact, once illegal funds are in the DeFi ecosystem, it is still relatively easy to move and hide them.

Therefore, to safeguard decentralization and user privacy, protocols must strengthen cross‐network coordination and implement real‐time threat detection.


Final Summary

  • The UXLINK reportedly swapped the remaining 10.54 million DAI for 6,000.8 ETH, and a wallet linked to Mining Express swapped 5,004 ETH for 8.8 million DAI.
  • These, along with other exploits and money laundering, reveal a significant crack in the DeFi ecosystem.

热门币种推荐

相关问答

QWhat vulnerability did the hackers exploit to carry out the UXLINK attack in September 2025?

AThe hackers took advantage of a 'delegateCall' vulnerability to take over the project's multisignature wallet.

QHow did the UXLINK exploiter launder the stolen funds, and what tool was primarily used?

AThe exploiter laundered the funds by converting stolen DAI into ETH and then depositing the ETH into the privacy mixer Tornado Cash. Over two weeks, they deposited 14,336.6 ETH into Tornado Cash.

QWhat was the Mining Express scheme, and how are its associated wallets currently moving assets?

AMining Express was an MLM-based cryptocurrency mining Ponzi scheme founded in 2019. Associated wallets are now reallocating long-held assets, such as swapping 5,004 ETH for 8.8 million DAI and moving funds to Tornado Cash.

QWhat key problem in the DeFi ecosystem does the article highlight based on these incidents?

AThe article highlights that while DeFi facilitates permissionless transfers, it lacks efficient systems to stop or deal with illegal funds once they are in motion, making it relatively easy to move and hide stolen assets.

QWhat solutions does the article suggest to address the vulnerabilities exposed by these exploits?

AThe article suggests that protocols must strengthen cross-network coordination and implement real-time threat detection to safeguard decentralization and user privacy.

你可能也喜欢

十年变迁:加密初创的消亡之路

**摘要:** 文章回顾了加密行业过去十年从自由初创到高度合规化的根本性转变。 **昔日(2017年前后):** 行业准入门槛极低,匿名开发者仅凭白皮书和代码即可通过ICO快速融资并启动项目。监管缺失,资金和合规成本近乎为零,催生了大量创新实验,但也伴随着欺诈和投资者损失,为后续严格监管埋下伏笔。 **当下(2026年):** 行业面貌已彻底改变。在欧美亚等主要市场合规运营,企业必须像传统金融机构一样,配备完整的法务、合规团队,建立反洗钱体系,并满足高昂的牌照与资本金要求(例如,在美国全面运营的前三年合规成本可达75-120万美元)。 与此同时,风险投资逻辑巨变。资金高度集中于后期成熟企业(如2026年Q1,C轮后融资占风投资金28.4%),而早期初创融资严重萎缩(种子轮仅占5.2%)。风投更偏好交易平台、借贷等基础设施,对前沿探索性项目的支持减少。 **关键壁垒与行业格局:** 技术创新的重要性下降,**合规牌照、银行合作渠道、机构客户资源和品牌信任**成为核心护城河。这导致并购成为巨头快速获取这些稀缺资源的主要方式(如Coinbase收购Deribit)。行业话语权向少数资源雄厚的老牌企业集中,新入局者面临巨大障碍。 **结论与反思:** 行业成熟化带来了机构信任和投资者保护等好处,但也显著提高了创业门槛,压缩了无资源创业者的创新空间。加密行业正复刻传统金融的整合轨迹,其最初“去中心化”和“打破垄断”的理想,正面临被高合规成本和资本壁垒所侵蚀的挑战。

Foresight News20分钟前

十年变迁:加密初创的消亡之路

Foresight News20分钟前

机器人看视频学操作,伯克利首次打通互联网视频到灵巧手真机部署链路

加州大学伯克利分校的研究团队提出了一种名为“Do as I Do”的端到端流程,首次成功实现了从互联网单目RGB视频到灵巧手真机部署的完整链路。该方法旨在解决机器人“看”视频却“不会做”的核心难题,即如何将带有噪声的日常人类操作视频,转化为多指灵巧手能够执行的动作轨迹。 系统流程分为两个阶段。第一阶段,通过引导式扩散模型,稳定地从视频中重建出4D手-物交互过程,解决了传统方法在运动模糊、遮挡下跟踪不稳定的问题。第二阶段,针对重建出的带噪声参考轨迹,改进了原有的动作重定向优化框架,通过多项设计显著提升了成功率,从25%提升至71%。 研究团队利用该方法,从网络视频中生成了涵盖放置、书写、搅拌、锤击等20类复杂日常操作的500条已验证轨迹,并选取其中10项成功部署到双UR3e机械臂与双Sharpa Wave灵巧手平台上进行50Hz的真实执行。Sharpa Wave灵巧手因其接近人手的尺度和自由度,更适合此类迁移。 研究同时指出,直接从网络海量视频中筛选可用数据至关重要,未经处理的视频中仅有约5%的片段适合用于机器人学习,并总结了一套关键的数据筛选要点。这项工作标志着将人类视频大规模转化为机器人可执行数据的关键一步,为机器人学习开辟了新的数据来源。

marsbit1小时前

机器人看视频学操作,伯克利首次打通互联网视频到灵巧手真机部署链路

marsbit1小时前

交易

现货

热门文章

加密市场宏观研报:美国“加密货币周”来袭,ETH开启机构军备赛高潮

本周,加密市场迎来两股重磅催化——华盛顿“加密货币周”的立法攻势与以太坊机构布局的密集爆发,共同构成加密行业2025年下半年的“政策拐点”与“资金拐点”。这一轮加密周期的深层逻辑,正从比特币转向以太坊、稳定币及链上金融基础设施。我们认为:美国的政策明朗化+以太坊的机构化扩展,标志着加密行业正进入结构性转正阶段,市场配置的重心亦应逐步从“价格博弈”过渡至“规则+基础设施的制度红利捕捉”。

1.8k人学过发布于 2025.07.17更新于 2025.07.17

加密市场宏观研报:美国“加密货币周”来袭,ETH开启机构军备赛高潮

相关讨论

欢迎来到HTX社区。在这里,您可以了解最新的平台发展动态并获得专业的市场意见。以下是用户对ETH(ETH)币价的意见。

活动图片