The OKX crypto exchange platform has just suffered a large-scale hack. Its decentralized transaction aggregator (DEX) suffered a hack, resulting in the theft of $2.7 million in user-owned digital assets.
OKX victim of massive crypto theft of $2.7M
According to the OKX team, the attack was due to a private key leak affecting an obsolete smart contract in the platform’s DEX. This contract would have allowed hackers to access the wallets of many users and steal their funds. Some traders even lost up to $370,000 in this cyberattack.
It appears that the hackers patiently waited for the right moment before striking, skillfully taking advantage of a vulnerability left unpatched.
According to report from the company SlowMist, the hack would have started on December 12 following the replacement of the DEX proxy contract with a new implementation. The attacker immediately began exploiting a vulnerability to siphon tokens, and continued his actions despite a second attempt at correction by the administrator.
Although the corrupt DEX proxy was removed from the trusted list, it was already too late. The leak of the private key of the proxy administrator would be directly responsible for this catastrophic breach.
Reimbursement of Victims and Tracking the Hacker
Faced with this incident, OKX quickly apologized and supported the victims. The exchange promised full compensation to injured users, thus taking responsibility for this unfortunate hack.
At the same time, the platform has implemented emergency measures. In particular the immediate revocation of hacker access and the preventive locking of vulnerable accounts to avoid a larger leak.
“We regret to inform you that an outdated smart contract on OKX DEX has been compromised. We have taken immediate action to secure all user funds and revoke contractual permissions. »
OKX actively collaborates with agencies specializing in the hunt for cybercriminals, including Arkham which offered a bounty of $2,250 for any information helping to find the hacker. The investigation continues to locate the stolen funds and stop the attacker.
However, this umpteenth hack in the crypto universe seriously damages the reputation of the platform and users’ confidence in the security of decentralized protocols.
With losses linked to hacking exceeding a billion dollars since January 2023, the crypto industry must imperatively review its cybersecurity measures before it is too late. Otherwise, user distrust will cause its downfall.
Maximize your Tremplin.io experience with our ‘Read to Earn’ program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.
