UXLINK, a project that claims to be a Web3 social platform, has suffered a security breach that might have resulted in losses potentially reaching tens of millions of dollars. Its token price has since plummeted over 70%.

In a Monday post on X, UXLINK confirmed that it identified a security breach involving its multi-signature wallet, "resulting in a significant amount of cryptocurrency being illicitly transferred to both CEXs and DEXs."

Earlier in the day, Cyvers Alerts flagged that an ETH address executed a delegateCall, removed the admin role and added a new multisig owner. The hacker then appeared to transfer at least $4 million in USDT, $500,000 in USDC, 3.7 WBTC and 25 ETH, according to Cyvers.

Onchain analytics provider Lookonchain reported that the hacker has also sold UXLINK tokens on DEXes through six wallets, obtaining at least 6,732 ETH, worth roughly $28.1 million.

"The majority of the hacker's assets have been frozen by major exchanges, minimizing further risks to the community," the project said in a separate post.

UXLINK also warned that the attacker continued to mint UXLINK tokens. Onchain data showed that approximately 10 trillion UXLINK tokens have been minted late Monday. The price of UXLINK has since plummeted over 70% to $0.08912, according to CoinGecko data.

"We have identified an unauthorized minting of UXLINK tokens today by a malicious actor," said the project. "We strongly advise all community members not to trade UXLINK on DEXs at this time, in order to avoid potential losses caused by these unauthorized tokens."

The UXLINK team said it is contacting major CEXs to temporarily halt UXLINK trading, and it intends to come up with a token swap plan soon.

The Block has reached out to UXLINK for further information.