Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
OKX‘s decentralized exchange and cross-chain bridge aggregator OKX Dex has fallen victim to a suspected hacking incident, resulting in losses exceeding $370,000. The breach raised alarms among users who noticed unauthorized transactions from wallets previously authorized on the platform.
The hacker is said to have exploited the vulnerability in OKX Dex’s authorization process as users exchange their crypto assets.
Vulnerability in the OKX Dex’s authorization processBlockchain security firm SlowMist conducted a detailed analysis, pinpointing the vulnerability in the platform’s authorization process during user exchanges.
Specifically, users authorize the TokenApprove contract, allowing the Dex contract to transfer tokens as part of the trading process. The issue arose when the Proxy Admin Owner upgraded the Dex Proxy contract to a new implementation contract on December 12. This upgrade introduced functionality that directly called the claimTokens function of the Dex contract, enabling attackers to make unauthorized calls and pilfer tokens.
🚨SlowMist Security Alert: OKX DEX Proxy Admin Owner's Private Key Suspected to be Leaked🚨
According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist's analysis, it was found that when users exchange, they authorize…— SlowMist (@SlowMist_Team) December 13, 2023
OKX Dex assured clients of reimbursement
When detecting the breach, OKX Dex promptly removed the compromised proxy address within minutes. This swift action likely prevented further losses. The exchange acknowledged that 18 addresses authorized for the contract were hacked, attributing the incident to the compromise of the management rights of an abandoned OKX Dex market maker contract.
All affected contracts were promptly deactivated, ensuring the safety of user assets.
OKX estimated the stolen funds at $370,000 and, in a bid to reassure affected users, pledged to compensate for the losses incurred.
We regret to inform you that a deprecated smart contract on OKX Dex has been compromised. We have taken immediate action to secure all user funds and revoke the contract permissions. We are working with relevant agencies to locate the stolen funds and will reimburse affected… pic.twitter.com/zDIjhb3ETz
— OKX Web3 (Wallet | DeFi | NFT) (@okxweb3) December 13, 2023
Despite the security incident, OKX has exhibited growth in market share, as reported by on-chain analytics firm CCData’s recent exchange review. OKX, alongside Upbit and Bybit, has gained dominance in spot market share year-to-date. In the derivatives space, OKX and Bybit saw an increase in market share, while Binance experienced a decline.
The post OKX Dex losses $370K in hack, users assured reimbursement appeared first on Invezz
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.