The OKX DEX suffered a major hack, with users losing millions after hackers grabbed control of a proxy admin account.
On Dec 12. hackers infiltrated the OKX DEX by reportedly compromising the private key of a proxy admin account. The attackers proceeded to upgrade the exchange's proxy contract to a malicious version, granting them access to user funds stored in 18 wallet addresses linked to a market-making smart contract. Over $2.7 million in various cryptocurrencies were stolen before OKX detected the breach and shut down the affected contracts.
Blockchain security firm SlowMist Zone first raised the alarm about the attack on social media platform X. Their preliminary investigation suggests the proxy admin's private key was leaked, allowing the hackers to hijack control of the DEX proxy contract.
As users began reporting unauthorized withdrawals late on December 12th, OKX quickly deactivated the contract and promised full compensation to victims of the cyber heist.
The attack bore similarities to previous exploits by a hacker collective tied to major breaches of LunaFi, Uno Re, RVLT, and other DeFi protocols. In response, blockchain intelligence company Arkham Intel has offered a bug bounty for information leading to the identification of the OKX hackers. Tips provided through the bounty program will be shared with OKX to support their ongoing investigation.
This latest incursion highlights the risks associated with decentralized finance, despite claims that “decentralization” enhances security. So far in 2023, over $1.5 billion has been stolen from cryptocurrency providers through hacks, scams and exploits.
