On December 13, OKX decentralized exchange (DEX) experienced a significant hack, resulting in a loss of $2.7 million. The breach occurred due to a leaked private key of the proxy admin owner. Unlike previous attacks on exchanges, this incident involved stealing the credentials needed to access the exchange’s wallets, where funds were held in escrow until transactions were completed.

The hack took place during the upgrade of the DEX Proxy contract, which allowed the attacker to exploit the claimTokens function. Having gained access through the leaked private key, the attacker took advantage of token approvals that users had earlier granted to the contract and used them to steal assets.

The stolen funds spanned 20 different tokens, with an estimated total value of about $424,000. Notably, the stolen tokens had relatively low liquidity.

Security firm Cyvers suggested that the overall loss could be as high as $1.1 million, with some of the stolen funds deposited to Railgun and distributed to externally owned accounts (EOAs), allegedly funded by Tornado Cash.

The OKX web3 team promptly responded to the breach by securing user funds and revoking compromised contract permissions. They are working with authorities to trace the stolen funds and plan to reimburse affected users with $370,000. Additionally, a thorough review is underway to prevent future incidents, and apologies have been issued for any inconvenience caused.

This incident adds OKX DEX to the growing list of decentralized finance (DeFi) exploits in the past year. Despite the breach, OKX has assured its users that it will cover all losses resulting from the exploit. Blockchain investigation firm PeckShield reported a total loss of $2.7 million in various cryptocurrencies and advised users to revoke any existing permits as a precautionary measure.
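The advice to revoke rests on the fact that an approval granted to a contract stays in force until it is explicitly set back to zero. The sketch below is an added example, not code from the article or from OKX: it replays decoded ERC-20 Approval logs to list the approvals still live for one spender. All addresses and events are constructed placeholders, and the `Approval` record and function names are hypothetical.

```python
from dataclasses import dataclass

MAX_UINT256 = 2**256 - 1  # conventional "unlimited" approval amount

@dataclass(frozen=True)
class Approval:
    """One decoded ERC-20 Approval(owner, spender, value) log entry."""
    block: int
    log_index: int
    token: str
    owner: str
    spender: str
    value: int

def live_allowances(events, spender):
    """Map (token, owner) -> last approved value for `spender`, dropping revoked ones.

    The last Approval value is an upper bound: spending via transferFrom may have
    reduced it. Confirm with the token's allowance(owner, spender) before acting.
    """
    latest = {}
    for ev in sorted(events, key=lambda e: (e.block, e.log_index)):
        if ev.spender.lower() == spender.lower():
            latest[(ev.token.lower(), ev.owner.lower())] = ev.value
    return {k: v for k, v in latest.items() if v > 0}

def revoke_list(events, spender):
    """Approvals to revoke, unlimited ones first, as (token, owner, unlimited) tuples."""
    rows = [(t, o, v == MAX_UINT256) for (t, o), v in live_allowances(events, spender).items()]
    return sorted(rows, key=lambda r: (not r[2], r[0], r[1]))

# Constructed sample data: placeholder addresses, not values from the incident.
PROXY = "0x" + "aa" * 20   # hypothetical upgradeable spender contract
OTHER = "0x" + "bb" * 20   # unrelated spender
TOKEN_A, TOKEN_B = "0x" + "01" * 20, "0x" + "02" * 20
ALICE, BOB = "0x" + "a1" * 20, "0x" + "b0" * 20

SAMPLE = [
    Approval(100, 0, TOKEN_A, ALICE, PROXY, MAX_UINT256),    # unlimited, never revoked
    Approval(101, 2, TOKEN_B, ALICE, PROXY, 5_000),          # revoked at block 105
    Approval(105, 1, TOKEN_B, ALICE, PROXY, 0),              # revocation
    Approval(102, 0, TOKEN_A, BOB, "0x" + "AA" * 20, 250),   # same spender, other case
    Approval(103, 0, TOKEN_A, BOB, OTHER, MAX_UINT256),      # different spender
]

if __name__ == "__main__":
    for token, owner, unlimited in revoke_list(SAMPLE, PROXY):
        print(token, owner, "UNLIMITED" if unlimited else "limited")
```

Revoking means submitting a new approval of zero for each listed token and spender pair; the list above only identifies which pairs need it.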

As the cryptocurrency landscape continues to face security challenges, both users and platforms are urged to prioritize and enhance their security measures to mitigate the risk of such incidents.



This News Article was automatically generated by Bob the Bot (AI)
