OKX’s recent controversies

Cryptocurrency exchange OKX has experienced several recent incidents that have caused concern among its users. First, the exchange's wallet was found to be carrying out abnormal asset collection with high gas fees, spending 5.3 bitcoins and causing market panic. Second, many users reported receiving abnormal email notifications and subsequently encountered malicious mobile phone verification code attacks, resulting in assets being transferred out.

1. Abnormal collection events

In a series of actions that were regarded as asset accumulation, OKX spent 5.3 bitcoins on transaction fees, far above the normal level. Some observers noticed this and raised the alarm, triggering market panic. OKX officially explained: "It was testing an aggregation program and had stopped when asked." This explanation failed to calm users' concerns. Similar incidents have occurred at Binance in the past.


2. Theft of user assets

Several users from mainland China stated on X that their assets had been stolen in the amount of 1 million $USDT or 800,000 $USDT respectively. These users reported that their OKX-related mailboxes were bombarded with spam before their assets were stolen, and hackers then withdrew their ether via SMS verification codes. Security expert Yu Xian pointed out that the victims' mobile phones were all iPhones that were used only for transactions, and that the victims had never clicked on any suspicious links. He believes this is the work of a premeditated criminal group and is currently tracking the relevant addresses.

Victim's voice

According to a victim, "Le Yan", at about 1 a.m. on the day of the incident his mobile phone suddenly received an OTP text message from the OKX account, followed by multiple "Add whitelist currency withdrawal address" and "Create API Key" notification emails. When he logged into his OKX account to check, he found that the assets had been transferred to the whitelist address that had just been added, and the stolen amount was approximately 5 million yuan (approximately $680,000).

The victim said that the entire process of asset theft only took 15 minutes, and that he never clicked on any suspicious links on his iPhone and never clicked on the emails in his mailbox. He questioned the security of OKX and said that after the incident, he contacted OKX to try to seek assistance, but only received a response of "contact the police yourself."
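
The sequence in this account (an SMS OTP, then whitelist-address and API-key notifications, then a withdrawal to the newly added address within 15 minutes) is a pattern an account-monitoring rule can look for. The following is an added example, not OKX's code and not part of the original article; the event names, account IDs, addresses and timestamps are constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumption: the window mirrors the 15-minute span the victim reported.
WINDOW = timedelta(minutes=15)

# Hypothetical event names for security-relevant account changes.
SENSITIVE = {"sms_otp_sent", "whitelist_address_added", "api_key_created"}

# Constructed sample events: (timestamp, account, event, address). Not real logs.
EVENTS = [
    ("2024-01-01T01:00:10", "acct-1", "sms_otp_sent", None),
    ("2024-01-01T01:02:30", "acct-1", "whitelist_address_added", "0xNEW"),
    ("2024-01-01T01:03:05", "acct-1", "api_key_created", None),
    ("2024-01-01T01:11:40", "acct-1", "withdrawal", "0xNEW"),
    # Benign case: the address was whitelisted days before it was used.
    ("2024-01-01T09:00:00", "acct-2", "whitelist_address_added", "0xOLD"),
    ("2024-01-04T09:00:00", "acct-2", "withdrawal", "0xOLD"),
]


def flag_withdrawals(events, window=WINDOW):
    """Flag withdrawals sent to an address whitelisted less than `window` ago."""
    added = {}    # (account, address) -> time the address was whitelisted
    changes = {}  # account -> [(time, event)] for sensitive changes
    alerts = []
    for ts, acct, kind, addr in sorted(events, key=lambda e: e[0]):
        t = datetime.fromisoformat(ts)
        if kind == "whitelist_address_added":
            added[(acct, addr)] = t
        if kind in SENSITIVE:
            changes.setdefault(acct, []).append((t, kind))
        if kind != "withdrawal":
            continue
        t_add = added.get((acct, addr))
        if t_add is None or t - t_add > window:
            continue  # address is unknown or was whitelisted long ago
        # Other sensitive changes in the same window raise confidence.
        nearby = sorted({k for tk, k in changes.get(acct, []) if t - tk <= window})
        alerts.append({
            "account": acct,
            "address": addr,
            "address_age_s": int((t - t_add).total_seconds()),
            "preceded_by": nearby,
        })
    return alerts


if __name__ == "__main__":
    for alert in flag_withdrawals(EVENTS):
        print(alert)
```
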


OKX official response

As the incident unfolded, OKX officially issued a message on social platform

OKX posted: "If it is ultimately determined that the platform is responsible, the platform will take the initiative to assume responsibility. The results will be announced as soon as possible after the investigation is completed. Please wait patiently and stop unnecessary speculation."

Xu Mingxing issued a rare clarification

OKX founder Xu Mingxing issued a rare post in response to Dilation Effect’s questions about this incident. The original text is as follows:

  1. Thank you for your special attention. The opinions of this article have nothing to do with recent cases. There are no cases of user loss caused by switching from GA to SMS.

  2. Authentication-free addresses are designed for API users to automatically withdraw money. Setting a limit does not meet actual needs. Moreover, the security verification of adding a verification-free address is at the same level as withdrawals. Here you can consider introducing a silent authentication-free address automatic expiration mechanism.

  3. GA and SMS have their own advantages and disadvantages in terms of security. The security level of GA is indeed slightly higher than that of SMS, but it is not absolutely safe.

  4. There are two ways for hackers to steal users' GA: a) Plant Trojans on the user's device; b) If the user turns on GA cloud synchronization, stealing the user's Google account can also obtain the user's GA.

  5. Methods of stealing users’ SMS include device Trojan implantation, SIM card duplication, forging base stations, and stealing through SMS service providers.

  6. OKX has full confidence in the safety of our products, and we will, as always, fully compensate for any capital losses caused by OKX itself.

In addition, in response to the rumors of adding whitelisted addresses, Xu Mingxing also issued a post to refute the rumors and promised to improve OKX’s address book function.


Future security improvements

OKX also announced that it will upgrade some system modules to provide better services. The upgrade process may require some users to log in to the app or website again, but the upgrade will not affect any of the users' products and services, nor will it affect the security of their accounts and assets.


Security experts recommend that users turn on 2FA verification and ensure that account security settings are in place to prevent similar attacks from occurring. After OKX's security settings issues were exposed, users' trust in the exchange was challenged, but it is also hoped that OKX can rebuild user confidence by improving security measures.


"Crypto City" reminds citizens not to over-concentrate their assets in a single exchange. Cryptocurrency risks are high. Please remember to diversify risks and ensure the safety of your assets.