CertiK Flags Critical Security Loophole in OKX's iOS App; Urges Immediate Updates
Summary:
Blockchain security company, CertiK, discovered a critical security vulnerability in the iOS app for OKX users, prompting immediate updates. OKX promptly addressed the issue and no customer assets were affected. The potential breach could have enabled attackers to run harmful code on the computers or the network of an organisation. This announcement follows a recent attack on OKX resulting in a theft of $2.7 million.
Blockchain security provider, CertiK, has issued an urgent call to all iPhone users of OKX, recommending an immediate update of their iOS applications. This call follows the discovery of a significant security loophole by CertiK earlier this month. The firm announced via an X (previously known as Twitter) post that all OKX wallet users should promptly update to the newest iOS application version to shield themselves from a possible security breach. They pointed out that the OKX iOS App was subject to a severe Remote Code Execution (RCE) vulnerability that could lead to the compromise of important data and cryptocurrency assets.
On December 19th, OKX addressed the problem with a pertinent upgrade and advised all users to transition to the iOS version 6.45.0. CertiK confirmed the resolution of the security issue. OKX also assured its users that no customer assets were impacted due to the problem.
The risk of an RCE vulnerability is that it allows offenders to execute harmful code on the computers or network of an organisation, opening up the possibility of funds being robbed or data breaches. OKX, a decentralised exchange, fell victim to a $2.7 million heist on December 13, subsequent to the alleged leak of the private key of the proxy admin owner. CoinGecko, in their "trust score" leaderboard for trading platforms, ranks OKX as the 10th most reliable cryptocurrency exchange, scoring 9 out of 10. In late November, OKX began offering trading and wallet services in Brazil.
Published At
12/20/2023 7:00:56 AM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.