- OKX users who were recently affected by a hack received full compensation from OKX.
- The exchange decides to add a mandatory Google Authenticator to avoid similar incidents.
- SlowMist reported earlier that the accounts were compromised by a SIM-swapping attack.
The two OKX users who were recently hacked received their full compensation from OKX. . Chinese crypto journalist Colin Wu had a report on two user accounts that were hacked through SMS and email hijacking.
On June 9, 2024, Blockchain security firm SlowMist founder Yu Xian reported a major exploit in the OKX ecosystem, resulting in the loss of funds for two OKX users. The users’ accounts were reportedly compromised in a SIM-swapping attack due to a vulnerability in the platform’s Two-Factor authentication (2FA) security system.
Xian elaborated on the hackers’ potential strategies and the critical details identified by the tracker, he stated,
“The SMS risk notification came from “Hong Kong” and a new API Key was created…The premeditated gang committed the crime in a concentrated manner.”
Security analytics platform Dilation Effect further investigated the matter and identified a vulnerability in OKX’s authentication system, finding that OKX allows for lower security verification methods during sensitive operations.
In response to the hack, OKX initiated a probe and contacted the affected users, promising compensation if OKX was found responsible for the losses. The platform stated:
“We attach great importance to the “exchange user assets stolen” situation reported online today…If it is finally determined that the platform is responsible, the platform will take the initiative to bear it. In addition, we will announce the results as soon as the relevant investigation is completed.
As per Colin Wu’s post, OKX has fulfilled its promise. Additionally, the platform has decided to implement mandatory Google Authenticator to prevent any such mishaps in the future.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.