The OKX DEX suffered a major hack, with users losing millions after hackers grabbed control of a proxy admin account.
Blockchain security firm SlowMist Zone first raised the alarm about the attack on social media platform X. Their preliminary investigation suggests the proxy admin's private key was leaked, allowing the hackers to hijack control of the DEX proxy contract.
As users began reporting unauthorized withdrawals late on December 12th, OKX quickly deactivated the contract and promised full compensation to victims of the cyber heist.
The attack bore similarities to previous exploits by a hacker collective tied to major breaches of LunaFi, Uno Re, RVLT, and other DeFi protocols. In response, blockchain intelligence company Arkham Intel has offered a bug bounty for information leading to the identification of the OKX hackers. Tips provided through the bounty program will be shared with OKX to support their ongoing investigation.
This latest incursion highlights the risks associated with decentralized finance, despite claims that “decentralization” enhances security. So far in 2023, over $1.5 billion has been stolen from cryptocurrency providers through hacks, scams and exploits.