OKX Sees $837M Outflow Following Security Rumors

By Chimamanda U. Martha · 3 min read
OKX, a prominent crypto exchange, has experienced substantial outflows amid recent rumors of security breaches. According to DefiLlama, users have withdrawn approximately $204 million in the past 24 hours and $633 million over the past week, totaling an alarming $837 million.

The mass withdrawals began after reports surfaced that two users’ accounts had been hacked in a suspected SIM swap attack over the weekend. The attackers gained access to both accounts, although the exact amount stolen remains undisclosed.

OKX Is Investigating Recent Attacks on the Platform

In addition to the June 9 attack, OKX faced another attack last week in which bad actors used artificial intelligence (AI) to create fake videos that were used to bypass the exchange’s security measures.

In response to these incidents, the exchange announced on X that it is prioritizing the investigation into the stolen funds and is working to identify the root cause of the hacks.

Despite these assurances, many users have continued to withdraw their funds, making OKX the exchange with the largest outflows in the past seven days, according to DefiLlama.

While the exchange grapples with these security challenges, Binance, the leading global crypto exchange, has seen a net inflow of $1.364 billion over the past seven days. With Binance leading, other exchanges such as HTX (formerly known as Huobi Global) saw inflows of $19.36 million. Additionally, exchanges such as KuCoin and Gate.io experienced inflows of approximately $1.82 million and $50.83 million, respectively, in the past week.

A Sophisticated SIM-Swap Technique

While OKX is still analyzing the security situation on its platform, blockchain investigators have put forward different theories about the possible cause of the attacks.

In a post on X focusing on the latest attack, in which two users lost their funds on the exchange, Yu Xian, the founder of blockchain security firm SlowMist, highlighted that the thieves exploited a loophole in OKX’s two-factor authentication (2FA) system to conduct the attack.

According to him, the bad actors used a sophisticated SIM-swap method to infiltrate the company’s security system. This method involved sending the victims SMS risk notifications that originated from Hong Kong before creating a new API key as part of their account authentication process, allowing them access to both accounts.

OKX Security System Is Flawed

On June 10, a group of crypto security enthusiasts known as Dilation Effect (DE) said on X that they had uncovered the loophole in OKX’s authentication system that gave the thieves access to the platform.

According to DE, the exchange allows users to switch from 2FA to ‘lower security verification methods’, such as SMS verification, during sensitive user operations such as withdrawals, whitelisting addresses, changing login passwords, and disabling 2FA verification.

The group found that none of these actions triggers a 24-hour withdrawal ban on the exchange, adding that the ban is only activated when logging into a new device. DE further noted that if an address is whitelisted, large amounts of crypto can be withdrawn from the account without additional verification.
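The two gaps DE describes (falling back to SMS during sensitive operations, and no withdrawal ban after security changes) can be expressed as a server-side policy check. The sketch below is an added example, not OKX's code or anything published by DE; the factor names, strength ranking, operation names and the choice to treat API key creation as a sensitive operation are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical strength ranking (higher is stronger); not OKX's real model.
FACTOR_STRENGTH = {"sms": 1, "email": 1, "totp": 2, "passkey": 3}

# Security-setting changes that should start a withdrawal hold (assumed names).
HOLD_TRIGGERS = {"whitelist_address", "change_password",
                 "disable_2fa", "create_api_key"}
SENSITIVE_OPS = HOLD_TRIGGERS | {"withdraw"}
HOLD_SECONDS = 24 * 3600  # the 24-hour ban the article refers to


@dataclass
class Account:
    enrolled: set            # factors the user has set up
    hold_until: float = 0.0  # epoch seconds until withdrawals are blocked


def authorize(account, op, factor, now):
    """Decide one request; returns (allowed, reason)."""
    if factor not in account.enrolled:
        return False, "factor not enrolled"
    # Sensitive operations must use the strongest enrolled factor, so a
    # SIM-swapped phone number cannot stand in for the authenticator.
    required = max(FACTOR_STRENGTH[f] for f in account.enrolled)
    if op in SENSITIVE_OPS and FACTOR_STRENGTH[factor] < required:
        return False, "downgrade refused"
    # The hold applies to every withdrawal, whitelisted address or not.
    if op == "withdraw" and now < account.hold_until:
        return False, "withdrawal hold active"
    # Any security-setting change starts (or extends) the hold.
    if op in HOLD_TRIGGERS:
        account.hold_until = max(account.hold_until, now + HOLD_SECONDS)
    return True, "ok"


def replay(account, events):
    """Run (op, factor, now) tuples in order and collect the decisions."""
    return [authorize(account, op, factor, now) for op, factor, now in events]


if __name__ == "__main__":
    # Constructed sequence: SMS fallback attempt, then a legitimate change.
    acct = Account(enrolled={"sms", "totp"})
    for result in replay(acct, [("whitelist_address", "sms", 0),
                                ("whitelist_address", "totp", 0),
                                ("withdraw", "totp", 3600)]):
        print(result)
```
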
