OKX Investigates Reported Theft Case Following SMS Notification Security Failure

The rise in crypto theft incidents is becoming alarming. Hackers keep advancing their skills by employing increasingly sophisticated techniques to steal user funds. The latest victim is the prominent crypto exchange OKX, which has suffered significant security breaches due to its SMS notification system vulnerabilities.

OKX Deals with Crypto Theft

A Sunday morning report revealed that some bad actors compromised the accounts of two OKX users. The methods used in both cases were strikingly similar, indicating a potentially coordinated attack.

According to the report, the breaches involved notifications of SMS risk originating from Hong Kong and creating new API keys with permissions for trading and withdrawals.

Notably, a crucial aspect of these breaches is the victims’ failure to enable two-factor authentication (2FA) tools such as Google Authenticator. While it is unclear if this oversight was the key factor in the security failures, it highlights the importance of functional security practices.

Initially, these incidents were suspected to be related to cross-trading attempts. They appeared just like a recent theft on Binance, where a user lost over $1 million due to a cross-trading plugin.

However, this theory has since been dismissed, suggesting that the hackers used different means to exploit the SMS notification system. The attackers, believed to be part of a premeditated and organized group, executed their plan in a focused and effective manner.

Meanwhile, SlowMist’s tracking team is monitoring the wallet addresses involved in both hack incidents. The team has promised to provide updates as more information becomes available.

OKX Promises Thorough Investigation

The crypto exchange has swiftly addressed recent reports of stolen user assets. It has taken immediate action by contacting the victims and launching a comprehensive investigation into the case.

In an official statement, OKX reassures users of its dedication to resolving the issue. It stated that if the platform is found to be at fault, it will take full responsibility for any losses incurred.

Furthermore, the exchange has pledged transparency and promised to announce the investigation results immediately after they become available.

Meanwhile, these recent incidents follow a sophisticated attack on another major exchange, Binance. In the case of Binance, the hacker used a unique approach to prevent their account from being detectable.

By exploiting web cookies, the hacker could execute large trades in the USDT trading pair, known for its high liquidity. These hacks take the form of SIM swapping, also known as phone hijacking. This theft incident has significantly threatened several crypto investors and even major industry players.

The technique typically involves hackers hijacking a victim’s phone number. This allows them to intercept security codes sent via SMS and gain unauthorized access to accounts.

A good example of such theft occurred in 2021 when Coinbase, a popular crypto exchange, reported a serious breach. At the time, the exchange saw approximately 6,000 users lose their crypto assets to the hackers.

The attackers reportedly bypassed multi-factor authentication by hijacking SMS messages used for two-factor authentication (2FA).

The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.

Read More

What do you think?

Written by admin

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

Forbes 40U40 Candidate Says Shiba Inu Will Rally Above $0.00024 – But How?

Forbes 40U40 Candidate Says Shiba Inu Will Rally Above $0.00024 – But How?

US Spot Bitcoin ETFs Took 2 Month of BTC Mining Supply Within the First Week of June

US Spot Bitcoin ETFs Took 2 Month of BTC Mining Supply Within the First Week of June