OKX and SlowMist Investigate Multi-Million Dollar Crypto Account Theft Via SMS Attack
Summary:
OKX cryptocurrency exchange and its security partner SlowMist are probing a multi-million dollar exploit involving the theft of two user accounts. The theft was executed through an SMS or SIM swap attack on June 9. OKX's two-factor authentication (2FA) may not be the primary security flaw. Despite uncertainty surrounding the exact amount stolen, it is confirmed to be millions in assets. There has been a rise in sophisticated hackers bypassing 2FA and phishing attacks aimed at procuring sensitive data, marking a significant shift in the landscape of digital asset vulnerabilities.
OKX, a prominent cryptocurrency exchange, together with its security partner SlowMist, is investigating a sizable exploit that led to the theft of two client accounts. The inquiry centers on two accounts belonging to OKX users that were taken over on June 9 via an SMS attack, commonly referred to as a SIM swap. SlowMist's founder, Yu Xian, shared this information in a post on X. The breach, believed to originate from Hong Kong, resulted in the creation of a new API key with a broad set of permissions, raising suspicion that the attackers intended to cross-trade. While the precise sum obtained by the criminals through this attack is undetermined, Xian indicates that assets worth millions of dollars were taken.
It is worth noting that, according to SlowMist's ongoing investigation, the primary security loophole in this incident may not have been OKX's two-factor authentication (2FA). Yu Xian stated in a June 9 post on X that he had not triggered a 2FA verification such as Google Authenticator, but was unsure of its role in the incident.
According to an analysis by Dilation Effect, a Web3 security group, OKX's 2FA mechanism allowed the attackers to step down the level of security verification, so that withdrawal addresses could be registered with SMS verification alone. More broadly, the prevailing trend among malicious actors is to circumvent 2FA barriers.
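As an added illustration, not OKX's code nor anything published by SlowMist or Dilation Effect, the following contrasts a verification check that accepts any enrolled factor with one that refuses to step a sensitive action down to SMS when the account holds a stronger factor; the factor ordering, action list and policy minimums are assumed.

```python
from enum import IntEnum


class Factor(IntEnum):
    """Authentication factors ordered by strength (assumed ordering)."""
    SMS = 1           # bound to a phone number, so defeated by a SIM swap
    TOTP = 2          # authenticator app such as Google Authenticator
    HARDWARE_KEY = 3  # FIDO2 security key


class DowngradeError(Exception):
    pass


# Hypothetical policy: the minimum factor each sensitive action must be
# verified with, regardless of what the user happens to have enrolled.
SENSITIVE_ACTIONS = {
    "add_withdrawal_address": Factor.TOTP,
    "create_api_key": Factor.TOTP,
    "withdraw": Factor.TOTP,
}


def authorize_weak(action, enrolled, presented):
    """Step-down-prone check: any enrolled factor passes, so whoever controls
    the phone number can register a withdrawal address with SMS alone."""
    return presented in enrolled


def downgrade_reason(action, enrolled, presented):
    """Return None when the verification is acceptable, otherwise the reason it
    is a downgrade: a sensitive action must meet both the policy minimum and
    the strongest factor the account has enrolled."""
    if presented not in enrolled:
        return f"{presented.name} is not enrolled on this account"
    if action not in SENSITIVE_ACTIONS:
        return None
    required = max(SENSITIVE_ACTIONS[action], max(enrolled))
    if presented < required:
        return f"{action} requires {required.name}, got {presented.name}"
    return None


def authorize_strict(action, enrolled, presented):
    """No-downgrade check: raise instead of silently accepting a weaker factor."""
    reason = downgrade_reason(action, enrolled, presented)
    if reason:
        raise DowngradeError(reason)
    return True


if __name__ == "__main__":
    account = {Factor.SMS, Factor.TOTP}  # constructed account state
    print(authorize_weak("add_withdrawal_address", account, Factor.SMS))  # True
    print(downgrade_reason("add_withdrawal_address", account, Factor.SMS))
```

The strict variant also blocks the case where only SMS is enrolled, which forces enrollment of a stronger factor before a withdrawal address or API key can be added.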
In a recent case, an individual in China lost $1 million to fraudsters using a malicious Google Chrome extension named Aggr. The extension is designed to hijack the user's cookies, which gives attackers a way to bypass both the password and the 2FA check.
CoinGecko, a leading cryptocurrency platform, also reported phishing attacks in June after a data breach at its third-party email provider, GetResponse, which resulted in approximately 23,723 phishing emails being sent to victims. Such campaigns aim to harvest confidential information, such as the private keys to crypto wallets, or to trick investors into transferring funds to fraudulent addresses that appear legitimate.
Attackers have shifted their focus to the most accessible weak points, making the exposure of private keys and personal data the leading cause of crypto security breaches. A 2024 HackHub report by Merkle Science found that over 55% of compromised digital assets were lost to private key leaks in the previous year.
Published At
6/12/2024 3:13:47 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.