Close this search box.

OKX Confirms a Few User Accounts Lost Money via Identity Theft

On June 12, OKX, a cryptocurrency exchange, confirmed on its Chinese X account that a data breach led to the theft of user assets.
okx user account hack

On June 12, OKX, a cryptocurrency exchange, confirmed on its Chinese X account that a data breach led to the theft of user assets.

Previously, on June 10, two OKX users reported a security flaw on social media, blaming it for allowing hackers to access their accounts and empty their wallets. Blockchain security firm SlowMist identified similarities between the two incidents, noting that a new API key was created after users received a risk alert SMS from Hong Kong to verify account activity.

On June 10, Web3 security group Dilation Effect claimed that attackers exploited a security vulnerability in OKX. This flaw allegedly allowed users to disable Google Authenticator (GA) or SMS verification without triggering the 24-hour withdrawal suspension in certain activities.

However, after an investigation, OKX denied these claims, rejecting the notion of a security flaw in its verification system. OKX stated, “This incident has nothing to do with choosing Google Authenticator or SMS verification.” Instead, the issue might have been due to attackers using fake documents to obtain sensitive user information and bypass identity verification.

In its latest X post, OKX added that it has compensated and will continue to compensate affected users. According to a June 12 report by Wu Blockchain, the two compromised users received full compensation from the exchange. To prevent future incidents, OKX announced it will require users to use Google Authenticator for transactions.

OKX has not yet disclosed the number of users affected by identity theft and wallet-draining. However, the amount stolen is likely substantial. Recently, a hacker breached the account of Crypto Lala, the operations manager at Singapore-based market maker QuantMatter, and stole $11.6 million from their wallet.

According to the post, this amount was unexpectedly stolen on May 30, 2024. The account was secured with offline Google Authenticator (GA), and the cause of the hack is currently unknown and requires further investigation.

The hacker added whitelist addresses and converted the stolen funds into BTC, ETH, USDC, and USDT. The entire amount was then transferred to an on-chain wallet address. As of now, the funds remain in that wallet without any movement.

Many speculate that the hacker used offline GA verification to steal the funds and that the market maker’s GA information was compromised.

The true cause of the incident, the estimated number of affected users, and the extent of the damage in the OKX breach remain unclear. However, this incident serves as a wake-up call for centralized exchanges to implement stricter security measures around Google Authenticator to protect users in the Web3 space better.


New Post

Read more

Bitcoin ETFs see record inflows in July, signaling strong investor sentiment and driving Bitcoin, Ethereum, and altcoins higher.
Mastercard integrates its API with Alchemy Pay to enhance security for crypto solutions, reducing fraud with advanced machine learning and boosting user protection.
Some firms have proposed business practices that the SEC agrees could exempt them from controversial crypto accounting guidance, according to an SEC source.