Cryptocurrency heist rocks OKX DEX as over $400,000 is stolen in a breach tied to a compromised market maker contract. Find out how the attacker bypassed authorization, OKX’s response, and the ongoing risks users face in the crypto space.
In a major security breach, over $400,000 was stolen from OKX DEX, a decentralized exchange aggregator platform. The exploit, attributed to a compromised market maker contract, allowed the attacker to transfer tokens without user authorization. The breach occurred on December 12, when a contract manager maliciously altered its functionality, likely due to leaked private keys. This modification bypassed the authorization process, enabling the attacker to execute the claimTokens function and drain funds from affected wallets.
Blockchain security firm SlowMist identified the suspected attacker’s address and the location where stolen funds were laundered. OKX confirmed the exploit, linking it to an abandoned DEX contract. The affected contracts have been deactivated, and OKX promises compensation to affected users. The exchange also commits to conducting a security review of abandoned smart contracts to prevent future breaches.
The vulnerability stemmed from a flaw in an abandoned DEX contract, not affecting all users. OKX has taken corrective measures to address the issue and prevent similar incidents. While the breach raises concerns, it shouldn’t deter users from utilizing the exchange.