- The Uxlink hacker returned after three months, purchasing a total of 5,493.26 ETH.
- The hacker may be utilizing the buy-the-dip opportunity amid the ETH price crash.
- In 2025, the hacker exploited the Uxlink protocol’s vulnerability, resulting in the loss of millions of funds.
After months of silence, the infamous Uxlink hacker has resurfaced, making headlines with a fresh move. The hacker has been reportedly purchasing Ethereum using DAI, signaling a return to active trading after a three-month break.
The Uxlink hacker previously exploited the vulnerabilities in the protocol, leading to a multi-million-dollar breach. Since the hack, the attacker has executed a series of high-value transactions while largely avoiding detection. This makes the latest movement a closely watched event in the crypto industry.
Uxlink Hacker Back in Action with ETH Move
According to the findings of an X account called “@ai_9684xtpa,” the notorious Uxlink hacker has returned with a massive Ethereum transaction. The hacker has started buying Ethereum again, this time using DAI.
The analyst stated that four addresses linked to the hacker purchased a total of 5,493.26 ETH, worth about $10.87 million. These tokens were bought at an average price of$1,979 per Ether.
While these ETH tokens were purchased using DAI, which were acquired by the hacker by swapping the stolen funds. Still, after multiple batches of Ether purchases, the Uxlink hacker holds about 21.42 DAI.
How the Uxlink Hack Happened?
The Uxlink hack, which took place on September 22, 2025, resulted in a financial loss of $11 million. The attack was reportedly carried out by an unknown hacker via a carefully planned external attack. The hacker used advanced social engineering methods to access the system while maintaining system security.
The attacker also used deepfake videos to impersonate a business partner and established trust with the team member. This gave them access to the team member’s Telegram account and personal device. With this access, the hacker quickly took control of a smart contract and minted billions of fake UNLINK tokens.
In addition to unauthorized UXLINK minting, the attacker transferred about $4 million in USDT, $500,000 in USDC, 3.7 WBTC, and 25 ETH. To cover their tracks and cash out, the hacker moved the stolen funds across at least six different wallets, converting most of them into Ethereum. In total, they made off with about 6,732 ETH, worth $28.1 million at the price then. They also swapped tokens to DAI and used the Arbitrum network to move the funds back to Ethereum.
What the Latest ETH Purchase Suggests?
The latest Ethereum purchase by the Uxlink hacker suggests that they are actively managing and possibly expanding their holdings. Buying a large number of ETH after three months of inactivity shows a deliberate strategy rather than a random move. Analysts see this as a sign that the hacker is carefully consolidating stolen or accumulated assets, potentially preparing for future transactions.
The transaction is particularly noteworthy because of its timing. The hacker has purchased Ether amid the ongoing ETH downtrend. The altcoin is currently trading in the red zone, sparking widespread caution about its future.
However, expert traders see this as a buy-the-dip opportunity. Considering this approach, analysts believe that the Uxlink hacker might also have accumulated the tokens utilizing the bearish price trend.