The wallet associated with the UXLINK exploit has sold 5,496 ETH for approximately $11.8 million in DAI, according to on-chain data flagged by Arkham Intelligence. This transaction, executed via the decentralized exchange CoWSwap, is the latest move in a six-month trading spree that has yielded no net profit for the hacker.
The exploiter's current portfolio is valued at roughly $36.65 million, with its two largest positions being 22.358 million DAI ($22.36M) and 202.773 WBTC ($14.27M). The remaining holdings include a small amount of ETH and negligible quantities of other tokens. The recent ETH-to-DAI swap appears to be an attempt to lock in value after a period of volatility, a recurring pattern in the wallet's activity.
Arkham's analysis reveals a consistent cycle of losses and break-even recoveries since the initial theft of around $36 million in ETH roughly six months ago. Contrary to the typical post-hack strategy of quickly obfuscating and cashing out funds, this entity has kept the stolen assets in traceable wallets, actively trading them on public decentralized exchanges. Cumulative losses reportedly exceeded $4 million in February 2026, followed by a recovery in March, but the hacker has failed to achieve sustained profitability.
This behavior is highly unusual for a crypto criminal of this scale, as it creates a fully documented, on-chain record of every transaction. Arkham has tagged the associated wallet as "Suspicious" and "Hacker," mapping its activity across 57 identified addresses.
