The OKX cryptocurrency exchange and security partner SlowMist are currently investigating a significant breach that resulted in the theft of assets from two user accounts.
The breach took place on June 9th when two OKX exchange accounts were compromised through an SMS attack, commonly referred to as a SIM swap. SlowMist’s founder, Yu Xian, shared this information in a recent post on X. While the exact amount stolen remains unknown, Xian mentioned that “millions of dollars of assets were taken.”
Despite ongoing investigations by SlowMist into the hacker’s wallet and related incidents, it appears that the exchange’s two-factor authentication (2FA) system may not have been the primary vulnerability exploited in this attack.
According to an analysis by Web3 security group Dilation Effect, OKX’s 2FA mechanism allowed the attackers to transition to a less secure verification method, enabling them to whitelist withdrawal addresses through SMS verification.
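The downgrade described above, shown from the defender's side as an added example (not OKX's code and not taken from the Dilation Effect analysis): a server-side check that refuses to let a weaker enrolled factor approve a sensitive action. The factor ranking and the action names are assumptions.

```python
from dataclasses import dataclass
from enum import IntEnum


class Factor(IntEnum):
    # Assumed ranking, weakest first. SMS is lowest: a SIM swap hands it to the attacker.
    SMS = 1
    TOTP = 2
    PASSKEY = 3


# Hypothetical action names; address whitelisting is the action named in the analysis.
SENSITIVE_ACTIONS = {"whitelist_withdrawal_address", "withdraw", "change_2fa"}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def authorize(action: str, enrolled: set, presented: Factor) -> Decision:
    """Decide whether `presented` may approve `action` for this account."""
    if presented not in enrolled:
        return Decision(False, f"{presented.name} is not enrolled")
    if action not in SENSITIVE_ACTIONS:
        return Decision(True, "non-sensitive action")
    strongest = max(enrolled)
    if presented < strongest:
        # The downgrade path: a weaker factor offered in place of the strongest one.
        return Decision(False, f"downgrade refused: need {strongest.name}, got {presented.name}")
    return Decision(True, f"verified with {presented.name}")


if __name__ == "__main__":
    account = {Factor.SMS, Factor.TOTP}  # constructed sample account
    for action, factor in [
        ("whitelist_withdrawal_address", Factor.SMS),
        ("whitelist_withdrawal_address", Factor.TOTP),
        ("view_balance", Factor.SMS),
    ]:
        print(action, factor.name, authorize(action, account, factor))
```

An account that has only SMS enrolled still passes this check; it blocks downgrades, not weak enrollment.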
More advanced hackers have also been finding ways to bypass 2FA verification methods. In a separate incident earlier in June, a trader in China fell victim to a $1 million scam involving a Google Chrome plugin called Aggr, which stole user cookies to circumvent passwords and 2FA.
Phishing attacks have also been on the rise, with CoinGecko recently confirming a data breach at its third-party email management platform, GetResponse. This breach led to 23,723 phishing emails being sent to unsuspecting victims.
These phishing attacks typically aim to obtain sensitive information such as crypto wallet private keys. Additionally, there are address poisoning scams that seek to deceive investors into sending funds to fake addresses resembling legitimate ones they have interacted with in the past.
Private key and personal data leaks have emerged as the leading cause of crypto-related hacks, as cybercriminals target the most vulnerable aspects of security.
According to Merkle Science’s 2024 HackHub report, over 55% of hacked digital assets in 2023 were lost due to private key leaks. As the crypto industry continues to face security challenges, it is crucial for users to remain vigilant and adopt robust security measures to protect their assets.