Why the UXLINK hacker’s 14,336 ETH transfers raise fresh questions for DeFi

Latest on‑chain exercise exhibits the UXLINK exploiter actively laundering stolen funds to make them tougher to hint.
For background, the UXLINK exploit occurred in September 2025. On the time, the hackers took over the venture’s multisignature pockets by benefiting from a ‘delegateCall’ vulnerability.
They created billions of unlawful UXLINK tokens, draining about $4.5 million in cryptocurrency property. The stolen cash was then transferred between a number of wallets and exchanged for DAI (a stablecoin that’s pegged to the U.S. greenback) and Ethereum [ETH].
UXLINK exploiter launders stolen funds
After the assault, the hacker exchanged the remaining DAI tokens for about 6,000.8 ETH.


Following which, the exploiter instantly deposited 6,038 ETH into Twister Money following the swap. In truth, prior to now two weeks, the attacker has deposited 14,336.6 ETH into Twister Money.
Most lately, the attacker laundered stolen property by changing thousands and thousands of DAI into ETH and depositing greater than $8.1 million value of ETH into Twister Money.
Mining Categorical faces an analogous concern
On the identical time, wallets related to the defunct Mining Categorical scheme look like reallocating long-held assets. The pockets linked to the purported Ponzi scheme modified its holdings right into a extra liquid stablecoin by exchanging 5,004 ETH for 8.8 million DAI.
For context, Kaze Fuziyama based Mining Categorical in 2019. Again then the corporate allegedly deceived buyers with an MLM-based cryptocurrency mining scheme. Quickly after that, the corporate went bankrupt, which pushed the Ukrainian authorities for additional investigation in 2022.


After receiving 4,512 ETH in 2024, the related pockets staked funds through Lido and Ether.fi earlier than absolutely unstaking them in Might 2026. Extra lately, about $5.1 million of the $7.5 million was moved to Twister Money following the exploitation of the Jaredfromsubway.eth MEV bot.
The place is the hole?
It’s evident that though the ecosystem facilitates easy, permissionless asset transfers, it nonetheless lacks environment friendly programs to cease or cope with unlawful funds as soon as they’re in movement. In truth, as soon as unlawful funds are within the DeFi ecosystem, it’s nonetheless comparatively simple to maneuver and conceal them.
Due to this fact, to safeguard decentralization and consumer privateness, protocols should strengthen cross‑community coordination and implement actual‑time menace detection.
Closing Abstract
- The UXLINK reportedly swapped the remaining 10.54 million DAI for six,000.8 ETH, and a pockets linked to Mining Categorical swapped 5,004 ETH for 8.8 million DAI.
- These, together with different exploits and cash laundering, reveal a big crack within the DeFi ecosystem.





