Many OKX Users Lose Funds Due to Identity Theft

The incident involving OKX users losing assets due to a two-factor authentication (2FA) security vulnerability has revealed new developments.

Azcnews Many Okx Users Lose Funds Due To Identity Theft

According to a post on its Chinese X account on June 12th, the cryptocurrency exchange OKX confirmed a data breach that resulted in the theft of user assets. “The issue is currently under investigation by the authorities, and we cannot provide further details at this time,” the exchange stated in the post.


Earlier, on June 10th, two OKX users reported a security vulnerability on social media, claiming it allowed hackers to access their accounts and drain their wallets. Blockchain security firm SlowMist identified similarities between the incidents, noting that a new API key was created after users received SMS alerts from Hong Kong to verify that the account holder was conducting the transactions.

On June 10th, Web3 security group Dilation Effect asserted that attackers exploited a security flaw in OKX, allegedly allowing users to disable Google Authenticator (GA) or SMS verification without triggering the 24-hour withdrawal suspension system for certain activities.

However, the exchange has denied this claim after conducting an investigation, refuting the speculations about a security flaw in its verification system. OKX stated, “This incident is not related to the choice of Google Authenticator or SMS verification.” Instead, they suggested that the breach might have occurred because malicious actors forged OKX users’ documents, thus obtaining sensitive information and bypassing identity verification measures.

In a recent X post, OKX mentioned that they have compensated and will continue to compensate affected users. According to a report by Wu Blockchain on June 12th, the two users whose accounts were compromised have received full reimbursement from the exchange. To prevent future incidents, OKX announced that it will mandate the use of Google Authenticator for all transactions.


The exact number of users whose identities were stolen and accounts drained has not yet been disclosed by OKX. However, the amount of money involved appears substantial. Recently, a hacker breached the account of Crypto Lala, the operations manager of the Singapore-based market maker QuantMatter, and stole $11.6 million from the wallet.

This theft occurred on May 30, 2024, according to the post. Despite the account being secured with offline Google Authenticator (GA), the cause of the hack remains unclear and requires further investigation.

The hacker added whitelisted addresses and converted the stolen funds into BTC, ETH, USDC, and USDT. Subsequently, the hacker transferred all the funds to an on-chain wallet address. Currently, the money remains in that wallet without any signs of movement.


“The hacker had full access to my account. They converted everything to ETH and withdrew all my funds within 25 minutes. I noticed this through one of my sub-accounts. When I checked my main account, all the money had been stolen,” the post revealed.

Speculations suggest that the hacker may have used offline GA verification to steal the funds, indicating that the GA information of the market maker was compromised.

The true cause of the incident, the estimated number of affected users, and the extent of the damages remain unclear. However, this incident serves as a wake-up call for the security systems of centralized exchanges utilizing Google Authenticator. It highlights the need for stricter security measures to better protect users in the Web3 space.

(88 votes)

1.1/5

(88 votes)
  1. Avatar of
    Anonymous

    Wow

  2. Avatar of
    Anonymous

    okx监守自盗啊,还在这糊弄人呢

  3. Avatar of Ali
    Ali

    نوش جان هکر.این صرافی و همه صرافی‌هایی که به ناحق مردم مظلوم ایران را از حقشان محروم کرده یا می‌کنند به دلیل نقض عدالت از عذاب خداوند نمی‌توانند فرار کنند و به این طريق تابان سختی را میدهند

Comments are closed.

Latest

Crypto Market Faces Volatility Ahead Of Trump Tariff Pause Expiration

News | Editor Choice | Policy & Regulations

Crypto Market Faces Volatility Ahead of Trump Tariff Pause Expiration

The crypto market is entering a sensitive phase as the Trump tariff pause nears its end and nearly $15 billion in Bitcoin options are set to expire, putting significant pressure on investor sentiment.

Pi Coin Faces Selling Pressure Ahead Of Pi2day

News | Editor Choice | Pi Network

Pi Coin Faces Selling Pressure Ahead of Pi2Day

Ahead of the Pi2Day event on June 28, Pi Coin is under strong selling pressure while Pi Network announces a series of new updates, including the KYC Sync feature and upgrades to the Pi Browser aimed at improving user experience and accelerating the transition to Mainnet.

Bitcoin Could Drop To $100,000 Soon

Bitcoin | Editor Choice

Bitcoin Could Drop to $100,000 Soon

Although Bitcoin has surged following the stabilization of the Middle East situation, it could still fall below the 100,000 USD mark in the near future.

Coinbase Stock Hits New High As Analysts Split On Future Rally

News | Altcoin | Editor Choice | Policy & Regulations

Coinbase Stock Hits New High as Analysts Split on Future Rally

Coinbase (COIN), the crypto exchange giant, has just set a new all-time closing high, despite growing concerns that the stock may be due for a short-term correction.

Ai Crypto App Users Double This Year

Editor Choice | Altcoin

AI Crypto App Users Double This Year

According to a report from DappRadar, there are approximately 4.5 million wallets using AI applications on the blockchain, marking an 86% increase this year.