COINOTAG reported on September 23 that SlowMist founder Yakovenko tweeted the attackers who initially absconded with approximately 542 million UXLINK tokens may themselves have been targeted by an Inferno Drainer authorization phishing scheme. Yakovenko suggested the previously stolen UXLINK tokens were potentially phished via a common access‑authorization vector, per the security firm’s post. Market participants are advised to prioritize custodial reviews, wallet blacklisting and enhanced transaction monitoring to evaluate any liquidity or on‑chain exposure tied to the Inferno Drainer vector. Independent verification beyond the tweet and COINOTAG reporting has not been confirmed.