OKX, the decentralized exchange (DEX), fell victim to a $2.7 million hack on December 13, when it was discovered that the private key of the proxy admin owner had been compromised.
The incident was first brought to light by SlowMist Zone, a blockchain security firm, in a post on X (formerly Twitter).
According to their report, the issue began on December 12, 2023, around 10:23 pm when the proxy admin owner upgraded the DEX proxy contract to a new implementation contract.
This upgrade triggered a series of events in which a user started stealing tokens from the platform.
Around 11:53 pm, the proxy admin owner made another contract upgrade, but the user continued to exploit tokens.
SlowMist Zone suggested that the attack might be linked to the alleged leakage of the proxy admin owner’s private key. Subsequently, OKX DEX removed the DEX proxy from its trusted list.
Scopescan, an on-chain analysis firm, also reported the attack and mentioned that users had reported the event.
READ MORE: SBI Holdings and Saudi Aramco Explore Digital Asset and Semiconductor Collaboration
After contacting OKX DEX, they were informed that an old abandoned contract had been attacked but was subsequently located and stopped.
The DEX assured users that any losses resulting from the hack would be fully covered.
The hack resulted in a total loss of approximately $2.7 million in various cryptocurrencies, according to PeckShield, another blockchain security company.
They advised users to “revoke allowances” if necessary.
In response to the incident, some users highlighted the misconception that decentralized platforms are immune to security breaches.
They emphasized the importance of caution in the decentralized space, as demonstrated by the OKX DEX hack.
The cryptocurrency industry has suffered significant losses throughout the year, with approximately $1.5 billion attributed to hacks, exploits, and scams up until September 2023.
In the fourth quarter, other platforms like Poloniex and the HECO Chain bridge also experienced substantial losses due to exploits and hacks.
Coinelegraph reached out to OKX for further details regarding the exploit, seeking clarification and additional information on the incident.
