OKX DEX Exploited: Wallets Authorized to the Exchange Lost Approximately $370,000
OKX DEX, a decentralized exchange and cross-chain bridge aggregator, has experienced an exploit resulting in the loss of around $400,000 from authorized wallets. The issue stems from the authorization process during exchanges on the platform. Users authorize the TokenApprove contract, which allows the DEX contract to transfer tokens. The DEX contract includes a claimTokens function that permits a trusted DEX Proxy to transfer tokens on behalf of users.
On December 12, the Proxy Admin Owner upgraded the DEX Proxy contract, which introduced a new functionality that allowed unauthorized calls to steal tokens. The Proxy Admin Owner performed another contract upgrade later that day, further enabling token theft. SlowMist, a blockchain security firm, suspects that the attack resulted from a leaked private key. OKX stated that 18 addresses were hacked but assured users that their assets are safe.
OKX Says 18 Addresses Were Hacked
According to OKX, 18 address assets authorized for the contract were hacked due to the management rights of an abandoned OKX DEX market maker contract being compromised. The affected contracts have been deactivated, and user assets are secure. The exchange estimates that $370,000 was stolen and promises to compensate affected users.
OKX Enjoys Growing Market Share as Binance Bleeds
OKX has experienced significant growth in market share this year alongside Upbit and Bybit. In terms of spot market share, they have made substantial gains compared to Binance, BeQuant, and Crypto.com, which have seen declines in market share. OKX and Bybit also saw increases in derivatives volumes and market share while Binance’s market share declined last month. Despite the decline, Binance remained the largest derivatives exchange in November by monthly volume.
Hot Take: OKX Must Address Security Vulnerabilities
OKX DEX’s recent exploit highlights the importance of robust security measures in the crypto industry. The unauthorized calls and subsequent token theft demonstrate vulnerabilities in the authorization process and contract upgrades. OKX must take immediate action to address these vulnerabilities and strengthen its security protocols to prevent future incidents. This incident may shake user confidence in the platform, so it is crucial for OKX to provide transparent communication, compensate affected users, and implement stringent security measures to protect user funds.
Wyatt Newson emerges as a luminary seamlessly interweaving the roles of crypto analyst, dedicated researcher, and editorial virtuoso. Within the dynamic canvas of digital currencies, Wyatt’s insights resonate like vibrant brushstrokes, capturing the attention of curious minds across diverse landscapes. His ability to untangle intricate threads of crypto intricacies harmonizes effortlessly with his editorial mastery, transmuting complexity into a compelling narrative of comprehension. Guiding both seasoned navigators and curious newcomers, Wyatt’s insights serve as a compass for astute decision-making amidst the ever-shifting currents of cryptocurrencies. With the artistry of a linguistic craftsman, they skillfully craft narratives that enrich the evolving tableau of the crypto landscape.
