Cryptocurrency exchange security is back in the spotlight after users on OKX reported significant thefts allegedly bypassing the platform’s SMS notification security. This incident highlights the evolving tactics hackers employ to steal digital assets.
On June 9th, blockchain security firm SlowMist revealed details of two separate attacks targeting OKX accounts. Both incidents involved attackers exploiting SMS notifications, possibly originating from Hong Kong, to gain unauthorized access. The attackers then created new API keys with withdrawal and trading permissions, suggesting a well-coordinated effort rather than random attempts.
While specifics remain confidential due to ongoing investigations and user privacy concerns, the attacks raise questions about the effectiveness of SMS-based security in the face of increasingly sophisticated hacking methods. Notably, neither victim had two-factor authentication (2FA) enabled using tools like Google Authenticator. SlowMist advises users to prioritize 2FA but cautions against panic, as the limited number of reported cases suggests a targeted attack rather than a widespread security breach.
OKX has acknowledged the reports and contacted affected users. The exchange emphasizes its commitment to a thorough investigation and full responsibility if the platform is found at fault. This includes transparent communication of the investigation’s findings and potential user compensation.
Also Read: Bitcoin (BTC) Transaction Fees Skyrocket To $50! OKX Blamed For Network Chaos
The OKX incident comes on the heels of a similar theft on Binance, where a hacker manipulated web cookies and exploited trading pair liquidity to steal over $1 million in crypto. These events underscore the need for robust security measures on both crypto exchanges and user accounts.
Users are encouraged to remain vigilant, prioritize 2FA, and exercise caution when dealing with account permissions and API keys. Both OKX and SlowMist will continue to update the public as investigations progress.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
About The Author
