According to ChainCatcher, Wu said that according to user Khan’s feedback, he woke up on the morning of June 3 and found that his phone had no signal. He found that his phone number had been reissued online. The hacker used the phone number to retrieve his email and OKX password. After the user logged into his account, he found that his OKX assets had been cleared. Since the new device had a 24-hour withdrawal freeze, the hacker used C2C transactions to transfer about $1.46 million in crypto assets (the merchant did not pay, and the hacker directly confirmed it).

OKX told the user that it was the mobile company's responsibility and had nothing to do with the exchange. The user said that his Binance account had installed an authenticator, so the Binance account was not affected. The user told Wu that he used a Honor phone and thought that the phone could not install Google Authenticator. Currently, OKX has launched a mandatory Google verification code on June 12 after experiencing multiple user theft incidents.