OKX Dex Hacked Via Compromised Proxy Wallets

OKX, a popular decentralized exchange aiming to reduce cross-chain friction, was hacked earlier today by an unknown bad actor.

Whereas recent attacks on exchanges have generally focused on compromising and manipulating smart contracts, this one seems to have been carried out by stealing the credentials needed to access the exchange’s wallets, where funds were held in escrow until transactions could be completed.

🚨SlowMist Security Alert: OKX DEX Proxy Admin Owner’s Private Key Suspected to be Leaked🚨

According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist’s analysis, it was found that when users exchange, they authorize…

— SlowMist (@SlowMist_Team) December 13, 2023

Multiple Cryptocurrencies Involved, Few of Them Relevant

The hacker made off with cryptocurrencies spread across 20 different tokens. However, many of these are altcoins with relatively low liquidity, even if some have plenty of hype.

Out of a total of about $424k, tens of thousands of dollars worth of crypto is spread across tokens like ELON, SHIB, and KEK. The amount of PEPE and KEK tokens stolen, for instance, is in the billions, although neither haul is worth more than $20k.

However, tokens with higher liquidity were also stolen in somewhat significant numbers. Over 70k USDC and just over $20k in USDT and wETH, respectively, were stolen in the attack.

Compromised Wallets Suspended, Users To Be Compensated

Luckily for users of the decentralized exchange, the attack was relatively unsophisticated, allowing the dev team to regain control of their platform’s rogue elements quickly.

According to Wu Blockchain, OKX has confirmed that all users affected by the hack will be compensated in short order.

“OKX stated that due to the hack of the management rights of an abandoned OKX DEX market maker contract, 18 address assets authorized for the contract were hacked. The affected contracts have been deactivated and all user assets have been confirmed to be safe. All affected users have lost approximately $370k, and OKX will compensate. OKX will conduct a security self-examination and reorganize all relevant abandoned contracts.”

The fact that a relatively well-known DEX was successfully hacked startled some members of the community. Others also commented on the quick resolution time, stating that this proves OKX may not be as decentralized as the developers claim.

Although this warrants some serious thought, it’s also true that a built-in killswitch is a safe precaution for any platform. If the dev’s access to the platform amounts to simply turning off defective wallets, it would be unreasonable to accuse them of being underhanded. After all, the (possibly) limited amount of access they have stopped the attack in short order.