In a recent incident, the decentralized exchange (DEX) operated by OKX has fallen victim to suspected exploitation, resulting in the unauthorized access and theft of wallets associated with the platform, amounting to over $424,000. The deployer of OKX DEX’s Aggregation Router is believed to be implicated in the attack.
It seems that the breach on OKX DEX occurred due to the unauthorized access of wallets. The firm is currently investigating the suspected attacker, who can be identified by the address 0xFacf375Af906f55453537ca31fFA99053A010239.
Moreover, attention is being directed towards the proceeds address associated with this incident, which can be traced back to 0x1F14E38666cDd8e8975f9acC09e24E9a28fbC42d.
OKX is a cryptocurrency exchange for trading various cryptocurrencies and digital assets. Users can buy, sell, and trade a wide range of cryptocurrencies on the OKX exchange. The platform also offers features such as futures trading, options trading, and staking services.
https://twitter.com/SlowMist_Team/status/1734790816806449567
OKX DEX refers to the decentralized exchange (DEX) offered by OKX, a prominent global cryptocurrency spot and derivatives exchange.
The DEX provides a platform for users to trade various cryptocurrencies and digital assets in a decentralized manner, offering features such as peer-to-peer trading, enhanced security, and direct control over assets.
It is part of OKX’s broader suite of services, which includes traditional centralized exchange services, as well as offerings related to decentralized finance (DeFi) and non-fungible tokens (NFTs).
The DEX is designed to provide users with a more autonomous and secure trading experience, aligning with the growing interest in decentralized platforms within the cryptocurrency ecosystem.
The security lapse is suspected to be linked to the leakage of the private key associated with the 0xFacf3 permission account. This key compromise potentially facilitated unauthorized access and subsequent theft.
OKX has taken swift action in response to the breach. The proxy used for the attack has been successfully removed, mitigating further threats.
In a statement, OKX disclosed that the breach occurred due to the compromise of management rights for an abandoned OKX DEX market maker contract.
As a result, 18 addresses associated with the compromised contract were targeted.
The exchange reassured users that the affected contracts have been deactivated, and comprehensive assessments have confirmed the safety of all user assets.
The exchange is actively addressing the situation and has committed to supporting affected users in navigating any potential consequences resulting from the security incident.