The OKX DEX suffered a security breach leading to over $370k in losses for users, which the platform has promised to pay back.
In the early hours of Wednesday, OKX DEX confirmed it had suffered a security breach. The OKX DEX is a Web3 aggregator that allows users to access the best prices while swapping assets. The aggregator curates the best prices from different DEXes and ensures users go through optimal trading routes.
The recent vulnerability involved a deprecated proxy contract on the OKX DEX aggregator platform, with the hacker illegally gaining management rights to the contract. A deprecated contract is one that is no longer being actively used by a protocol for performing user transactions. Evidently, OKX had replaced the contract with an upgraded version but has not completely disabled its usage.
According to Slowmist’s analysis, once the hacker gained access to the contract through a private key leak, they used earlier token approvals that users had granted the contract to steal their assets. OKX has since regained access to the contract and took immediate action to secure the remaining users’ assets.
?SlowMist Security Alert: OKX DEX Proxy Admin Owner's Private Key Suspected to be Leaked?
According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist's analysis, it was found that when users exchange, they authorize…
— SlowMist (@SlowMist_Team) December 13, 2023
In the meantime, the exchange also promised to reimburse all affected users. Additionally, it would conduct a thorough security review to prevent a similar occurrence in the future. It is estimated that OKX DEX had ove 50,000 active user wallets in the past 30 days, while the number of users affected by the latest breach is unknown.
We regret to inform you that a deprecated smart contract on OKX Dex has been compromised. We have taken immediate action to secure all user funds and revoke the contract permissions. We are working with relevant agencies to locate the stolen funds and will reimburse affected… pic.twitter.com/zDIjhb3ETz
— OKX Web3 (Wallet | DeFi | NFT) (@okxweb3) December 13, 2023
DeFi Hacks Remain a Prevailing Risk for Investors
The OKX DEX hack underlines the need for users to exercise caution while interacting with DeFi protocols, including those backed by prominent entities in the industry. It also highlights the need for the industry to take adequate measures to prioritize the safety of users’ assets, especially while interacting with the DeFi ecosystem.
In November alone, hackers siphoned over $290 million from crypto projects, albeit with security exploits involving centralized and decentralized platforms. A stronger level of security is required if the crypto industry and DeFi ecosystem would reach their full potential and onboard mainstream users.
DisClamier: This content is informational and should not be considered financial advice. The views expressed in this article may include the author's personal opinions and do not reflect The Crypto Basic opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.