The cryptocurrency exchange OKX is working with security partner SlowMist to investigate a significant exploit in which two user accounts were stolen, resulting in the loss of millions of dollars in assets.
The incident, which occurred on June 9, involved a sophisticated SMS attack, commonly known as a SIM swap. SlowMist founder Yu Xian shared this information in a recent post on X. Although the exact amount stolen has not been disclosed, Xian stated that “millions of dollars of assets were stolen.”
While SlowMist continues to investigate the hacker’s wallet and the events surrounding the breach, it appears that the exchange’s two-factor authentication (2FA) mechanisms may not have been the primary point of vulnerability. According to an analysis by Web3 security group Dilation Effect, the attackers were able to exploit OKX’s 2FA system to switch to a less secure verification method, enabling them to whitelist withdrawal addresses through SMS verification.
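The downgrade path described above can be closed with a server-side rule that sensitive actions always require the strongest factor the user has enrolled. The sketch below is an added example, not OKX's code; the factor ranking, action names and 24-hour cooldown are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Assumed ranking for this example: higher = harder to hijack remotely.
FACTOR_STRENGTH = {"sms": 1, "email": 1, "totp": 2, "passkey": 3}
# Hypothetical action names for operations that move or unlock funds.
SENSITIVE_ACTIONS = {"whitelist_withdrawal_address", "withdraw", "change_2fa"}
COOLDOWN_SECONDS = 24 * 3600  # assumed hold on withdrawals after a factor change


@dataclass
class Account:
    enrolled: set                    # factors the user has set up
    last_factor_change: float = 0.0  # epoch seconds of the last 2FA change


def required_strength(account):
    """Sensitive actions must use the strongest factor the user enrolled."""
    return max(FACTOR_STRENGTH[f] for f in account.enrolled)


def authorize(account, action, presented_factor, now):
    """Return (allowed, reason) for an action verified with presented_factor."""
    if presented_factor not in account.enrolled:
        return False, "factor_not_enrolled"
    if action not in SENSITIVE_ACTIONS:
        return True, "ok"
    # No downgrade: SMS cannot stand in for TOTP or a passkey.
    if FACTOR_STRENGTH[presented_factor] < required_strength(account):
        return False, "downgrade_refused"
    # A recent factor change freezes fund-moving actions for the cooldown.
    recent = now - account.last_factor_change < COOLDOWN_SECONDS
    if action != "change_2fa" and recent:
        return False, "cooldown_after_factor_change"
    return True, "ok"


def change_factors(account, new_enrolled, presented_factor, now):
    """Changing 2FA is itself sensitive, so it needs the strongest factor."""
    unknown = set(new_enrolled) - set(FACTOR_STRENGTH)
    if unknown:
        return False, "unknown_factor"
    allowed, reason = authorize(account, "change_2fa", presented_factor, now)
    if allowed:
        account.enrolled = set(new_enrolled)
        account.last_factor_change = now
    return allowed, reason
```

With this rule, a hijacked phone number alone can neither whitelist an address nor remove the stronger factor, and a legitimate factor change still delays withdrawals long enough for the account owner to be alerted.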
Despite the use of 2FA, more advanced hackers have been finding ways to bypass these security measures. For instance, in early June, a Chinese trader fell victim to a scam involving a fraudulent Google Chrome plugin called Aggr, resulting in a loss of $1 million. This plugin was used to steal user cookies, allowing hackers to circumvent passwords and 2FA.
Phishing attacks have also been on the rise, with CoinGecko recently confirming a data breach in its third-party email management platform, GetResponse. As a result of this breach, over 23,000 phishing emails were sent to unsuspecting victims, aiming to obtain sensitive information such as crypto wallet private keys.
Private key and personal data leaks remain a significant cause of crypto-related hacks, as attackers target the easiest vulnerabilities. According to Merkle Science’s 2024 HackHub report, over 55% of hacked digital assets were lost due to private key leaks in 2023.
Overall, security remains a top concern in the crypto space, as both exchanges and individual users must remain vigilant against evolving threats and vulnerabilities.