The decentralized exchange (DEX) OKX has suffered a security breach as a result of a compromised private key, according to cybersecurity firms.
In a post on social media platform X, blockchain security company PeckShield says the exploit enabled the hackers to get away with $2.76 million worth of Ethereum (ETH), Tether (USDT) and USDC.
“PeckShieldAlert OKX DEX suffered a Private Key Leakage attack, resulting in ~$2.76 million worth of cryptos being stolen. Please *Revoke* your allowance if any, to https://etherscan.io/address/0x40aa958dd87fc8305b97f2ba922cddca374bcd7f”
Another blockchain security firm, SlowMist, says the private key of a proxy admin owner may have been leaked, which allowed the attackers to steal from the platform after the DEX proxy contract was upgraded on December 12th.
“The new implementation contract’s functionality is to directly call the claimTokens function of the DEX contract to transfer tokens. Subsequently, attackers began calling the DEX Proxy to steal tokens. The Proxy Admin Owner upgraded the contract again at 23:53:59 on December 12, 2023, with similar functionality, and continued stealing tokens after the upgrade.”
OKX says the incident involves a deprecated smart contract. The DEX says it is now conducting a review of the attack.
“We have taken immediate action to secure all user funds and revoke the contract permissions. We are working with relevant agencies to locate the stolen funds and will reimburse affected users with $370,000. A thorough review is underway to prevent similar incidents. Our apologies for any inconvenience caused.”
Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Follow us on Twitter, Facebook and Telegram
Surf The Daily Hodl Mix
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any loses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: Midjourney