Shortly after the hack, the attacker apparently approved a phishing contract, perhaps in their rush to swap tokens before the price crashed further or before exchanges could freeze the tokens. Around 542 million of the UXLINK tokens were sent to a phishing address as a result, though it doesn't appear the phishing wallet has been able to sell the tokens.
UXLINK exploited for around $28 million, then hacker gets phished
The "AI-powered web3 social platform" UXLINK was exploited by an attacker that gained control of the project's multisignature wallet, then minted billions of the project's UXLINK token. Though the tokens were worth hundreds of millions of dollars on paper, low liquidity and a crashing token price means the attacker cashed out around $28 million.