Recent on-chain activity indicates that the UXLINK exploiter is actively laundering stolen funds to make them harder to trace.
In the background, the UXLINK vulnerability occurred in September 2025. At that time, hackers compromised the project’s multi-signature wallet by exploiting the ‘delegateCall’ vulnerability.
They created billions of illegal UXLINK tokens and depleted approximately $4.5 million in cryptocurrency assets. The stolen money was then transferred between several wallets and exchanged for DAI (a stablecoin pegged to the US dollar) and Ethereum (ETH).
UXLINK exploiter launders stolen funds
Following the attack, the hacker exchanged the remaining DAI tokens for approximately 6,000.8 ETH.


The exploiter then immediately deposited 6,038 ETH into Tornado Cash after the exchange. In fact, the attacker deposited 14,336.6 ETH into Tornado Cash in the last two weeks.
Finally, the attacker laundered the stolen assets by converting millions of DAI into ETH and depositing more than $8.1 million in ETH into Tornado Cash.
Mining Express also faces a similar problem
It also includes wallets associated with the defunct Mining Express plan. reallocation of long-held assets. The wallet linked to the alleged Ponzi scheme converted its assets into a more liquid stablecoin by exchanging 5,004 ETH for 8.8 million DAI.
In this context, Kaze Fuziyama founded Mining Express in 2019. At the time, the company was allegedly deceiving investors with an MLM-based cryptocurrency mining scheme. Shortly after this, the company went bankrupt, forcing Ukrainian authorities to investigate further in 2022.


After receiving 4,512 ETH in 2024, he staked the funds through the relevant wallet, Lido, and Ether.fi, and then fully repurchased them in May 2026. More recently, approximately $5.1 million of the $7.5 million was moved to Tornado Cash following the use of the Jaredfromsubway.eth MEV bot.
Where is the gap?
It is clear that although the ecosystem facilitates seamless, unauthorized asset transfers, it still lacks effective systems to stop or deal with illicit funds once they are in motion. In fact, once illicit funds enter the DeFi ecosystem, it is still relatively easy to move and store them.
Therefore, to protect decentralized management and user privacy, protocols need to strengthen inter-network coordination and implement real-time threat detection.
Final Summary
- UXLINK reportedly exchanged the remaining 10.54 million DAI for 6,000.8 ETH, and a wallet affiliated with Mining Express exchanged 5,004 ETH for 8.8 million DAI.
- These, along with other exploits and money laundering, reveal a significant rift in the DeFi ecosystem.





