Back to News

OKX Decentralized Exchange Compromised Through Breached Proxy Wallets

Twitter icon  •  Published 4 months ago  •  Nikolas Sargeant

The hacker absconded with cryptocurrencies spanning 20 different tokens.

The assault, nevertheless, was thwarted before significant harm could transpire. Earlier today, an unidentified malicious actor targeted OKX, a widely used decentralized exchange to minimize cross-chain obstacles.

While previous attacks on exchanges have predominantly aimed at infiltrating and manipulating smart contracts, this incident appears to have involved the theft of credentials required for accessing the exchange's wallets. These wallets held funds in escrow until transactions could be finalized.

Various Cryptocurrencies Affected By The Hack

The hacker absconded with cryptocurrencies spanning 20 different tokens. Nevertheless, a considerable portion of these comprises altcoins with relatively limited liquidity despite garnering substantial hype.

Of the approximately $424k total, tens of thousands of dollars' worth of crypto is distributed among tokens such as ELON, SHIB, and KEK. Notably, the stolen quantities of PEPE and KEK tokens are in the billions, although neither stash exceeds $20k in value.

Yet, tokens with higher liquidity also fell victim to the breach in significant quantities. The attack resulted in the theft of over 70k USDC, just over $20k in USDT, and a similar amount in wETH.

Suspended Wallets Due to Compromise; Compensation Planned for Users

The decentralized exchange users were fortunate as the unsophisticated nature of the attack allowed the development team to quickly regain control. OKX confirmed compensation for affected users, addressing the compromise of 18 address assets linked to an abandoned DEX market maker contract. Approximately $370k was lost, and affected contracts have been deactivated, with OKX planning a security self-examination.

The successful hacking of a prominent DEX raised concerns about OKX's decentralization claims. Despite these concerns, having a built-in killswitch, allowing the deactivation of defective wallets, is a prudent safety measure. Accusing developers of underhandedness seems unreasonable when their limited access likely played a crucial role in swiftly halting the attack, sparking discussions on the delicate balance between security and decentralization in decentralized exchanges.

Author

Nikolas Sargeant

Nik is a content and public relations specialist with an ever-growing interest in Crypto. He has been published on several leading Crypto and blockchain based news sites. He is currently based in Spain, but hails from the Pacific Northwest in the US.