CDS Crypto News OKX Investigates Multi-Million Dollar Account Thefts After SIM Swap Attacks
Crypto News

OKX Investigates Multi-Million Dollar Account Thefts After SIM Swap Attacks

132
OKX Investigates Multi-Million Dollar Account Thefts After SIM Swap Attacks

OKX Investigates Massive Account Thefts Following SIM Swap Frauds

Crypto News- OKX cryptocurrency exchange and its security partner, SlowMist, are currently investigating a multi-million dollar exploit that led to the theft of two user accounts.

The Theft via SIM Swap Attack

The investigation centers on the theft of two OKX exchange accounts on June 9 via an SMS attack, commonly known as a SIM swap. This was reported by SlowMist founder Yu Xian in a post on X.

“The SMS risk notification originated from Hong Kong, and a new API Key was created with withdrawal and trading permissions,” Xian explained. “Initially, we suspected a cross-trading intention, but that seems to have been ruled out now.”

Unclear Amounts, but Significant Losses

While the exact amount stolen remains unclear, Xian noted that “millions of dollars of assets were taken.” The issue did not primarily stem from the exchange’s two-factor authentication (2FA) mechanisms, according to SlowMist.

Ongoing Investigation

SlowMist is still investigating the hacker’s wallet and the incidents leading up to the attack. However, it appears that 2FA may not have been the main vulnerability.

SlowMist’s Insights on 2FA

In a June 9 post on X, Xian mentioned, “I haven’t enabled a 2FA authenticator like Google Authenticator, but I’m unsure if this is the crucial point.”

Cointelegraph has reached out to OKX and SlowMist for further comments.

Analysis by Dilation Effect

According to the Web3 security group Dilation Effect, OKX’s 2FA mechanism allowed attackers to switch to a low-security verification method, which enabled them to whitelist withdrawal addresses via SMS verification.

Rise in Sophisticated Hacking Methods

Recent trends show that more sophisticated hackers have been bypassing 2FA methods. Earlier in June, a Chinese trader lost $1 million to a scam involving a promotional Google Chrome plugin called Aggr. This plugin steals user cookies, allowing hackers to bypass passwords and 2FA authentication.

Increase in Phishing Attacks

Phishing attacks have also surged in June. CoinGecko confirmed a data breach through its third-party email management platform, GetResponse, which resulted in 23,723 phishing emails being sent to victims.

OKX Investigates Multi-Million Dollar Account Thefts After SIM Swap Attacks

Phishing attacks aim to steal sensitive information like crypto wallet private keys. Another type of phishing, known as address poisoning, deceives investors into sending funds to fraudulent addresses similar to those they have interacted with before.

Private Key Leaks: A Major Vulnerability

The leakage of private keys and personal data has become the leading cause of crypto-related hacks. Exploiters often target the easiest vulnerabilities. According to Merkle Science’s 2024 HackHub report, over 55% of hacked digital assets in 2023 were lost due to private key leaks.

FAQ

What happened at OKX?

OKX cryptocurrency exchange and its security partner, SlowMist, are investigating a multi-million dollar exploit that led to the theft of two user accounts through an SMS attack, also known as a SIM swap.

For the latest in crypto updates, keep tabs on Crypto Data Space.

OKX Investigates Multi-Million Dollar Account Thefts After SIM Swap Attacks

Leave a comment

Leave a Reply

Related Articles

Ethereum White Paper Anniversary: From Concept to Global Smart Contract Platform

Ethereum White Paper Anniversary: From Concept to Global Smart Contract Platform

Bitcoin Liquidations Spike: Over $150M in Longs Wiped Out as Price Slides

Bitcoin Liquidations Spike: Over $150M in Longs Wiped Out as Price Slides

Memecoins Explained: The Intersection of Internet Culture and Crypto

Binance Research's report analyzes the rise of memecoins, highlighting their cultural impact,...

ETH Price Faces Challenges Amid ETF Outflows

Ethereum (ETH) struggles to maintain price above $2,500 amid ETF outflows and...