OKX’s SMS Notification Safety Feature Compromised
OKX, a prominent cryptocurrency exchange, recently faced a security breach where a miscreant managed to siphon off crypto amounts from users by exploiting the platform’s SMS notification safety feature. This incident left several users in a state of distress.
The company is currently delving deep into the matter to understand the full extent of the breach and has assured its users that they will be fully compensated for any losses incurred.
Details of the Breach
According to SlowMist, a blockchain security firm, reports started surfacing when two victims disclosed that their OKX exchange accounts had been compromised. In both cases, the users received suspicious SMS notifications originating from Hong Kong, prompting them to authorize withdrawals and trades.
Interestingly, a similar incident occurred earlier in the week on Binance, another leading cryptocurrency exchange. A user fell victim to a similar scheme and lost approximately $1 million worth of crypto due to a cross-trading plugin.
SlowMist’s monitoring division, MistTrack, is actively tracking the wallet addresses associated with the hackers involved in both breaches to identify any patterns or connections.
Investigation and Assurance
Although the victims in these cases had not activated Google Authenticator for added security, it is unlikely that this alone facilitated the hacks. OKX has released a statement reassuring users that they are conducting a thorough investigation to uncover the truth behind the breaches.
The exchange has pledged to provide updates on the situation and has promised full compensation to affected users if any fault is found on their platform. They have urged the community to refrain from spreading unfounded rumors to prevent further escalation of the issue.
In the Binance breach, the hacker employed a sophisticated strategy to evade detection. By manipulating his account with web cookies and executing high-volume trades in the USDT trading pair, the miscreant artificially increased liquidity. Additionally, the hacker placed limited sell orders at inflated prices in illiquid pairs, which contributed to his success.
Image/Photo credit: source url