OKX revealed details of hacks and promised compensation

Tomcat

After a series of hacks, representatives of the OKX crypto exchange said that the hacker "forged court documents" to obtain the personal information of a "very limited number" of users.

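Statement on the recent security incidents affecting individual customer accounts

1. All users involved in this incident have had / will shortly have their cases satisfactorily resolved;
2. This incident has nothing to do with the choice of Google Authenticator or SMS verification, but #OKX does recommend that users who are able to do so use Google Authenticator;
3.…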
— OKX中文 (@okxchinese) June 12, 2024

"All users involved in the incident have been/will be compensated for their losses appropriately. [...] The OKX account protection system has been in operation for more than 10 years. We are fully confident in its safety, but we will continue to adhere to the principle of compensation for losses caused through our fault," the publication says.

Earlier, an analysis by Dilation Effect revealed potential vulnerabilities in the exchange's security mechanism. The study showed that the system allows a user to bypass the Google Authenticator 2FA service and switch to checks with a lower level of security (SMS, adding an address to a whitelist, etc.).

However, OKX refuted this assumption. According to the statement, the hack "has nothing to do with Google Authenticator or SMS verification."

The case is already being investigated by the judicial authorities, so the company does not disclose specific details.

"We have optimized the judicial cooperation process, implemented a verification mechanism and strengthened the security level of facial recognition using AI. In the future, we will introduce an expiration mechanism for the verified address in the address book to prevent the recurrence of such incidents," OKX emphasized.

Fate of the victims

On June 9, the analytics company SlowMist reported suspicious hacks of OKX accounts. The attacks affected two Japanese users and were similar in execution.

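Two different victims had coins stolen from their exchange accounts in the early hours of this morning, and the methods and some of the characteristics turn out to be similar. In addition to the commonalities mentioned by @AsAnEgg, they include the SMS risk notification coming from "Hong Kong" and the creation of a new API Key (with withdrawal and trading permissions, which is also why a cross-trading intent was suspected earlier; for now that appears to be ruled out).… https://t.co/pqIjqLhmkB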
— Cos(余弦) (@evilcos) June 9, 2024

"In addition to the common features mentioned by [another hacked user under the nickname] AsAnEgg, an SMS notification about the risk came from Hong Kong, and a new API key was created (with permissions for withdrawing funds and trading, so earlier we suspected the intention of cross-trading)," the researchers noted.

The addresses of wallets linked to the hacker are currently being tracked by SlowMist, but the team is not disclosing additional information yet, so as not to interfere with an active investigation.

Analysts asked other possible victims of the attackers to contact them. Earlier, journalist Colin Wu also reported on an OKX client who was robbed of more than $2 million using AI.

On June 11, the hackers' victim was the operations manager of the market maker QuantMatter, who goes by the nickname Crypto LaLa. She said that the hacker removed $11 million worth of assets from her main and sub-accounts.

"The hacker gained full access to my account. He converted the assets to ETH and withdrew all the funds in 25 minutes. I noticed this in one of my subaccounts. When I checked the main account, all the money was already stolen," Crypto LaLa wrote.

As in the other incidents, the latest known victim did not receive alerts from the security system. No information has yet been received about compensation for the QuantMatter employee.
 