OKX DEX hits $2.7M profit after proxy manager contract update
OKX Decentralized Exchange (DEX) suffered a $2.7 million hack on December 13 after it was reported that the private key of the owner of the proxy was leaked.
On December 13, the blockchain security firm SlowMist Zone posted on X (formerly Twitter) that the OKX DEX had “experienced a problem”. According to the report, the issue started on December 12, 2023 at 10:23 PM when the owner of the proxy manager updated the DEX proxy contract to a new execution contract and the user started stealing tokens.
SlowMist Security Alert: OKX DEX Proxy Management Owner's Private Key Called to be Released.
According to the information from the SlowMist zone, the OKX DEX contract has experienced a problem. After SlowMist's analysis, it was discovered that when users exchange, they authorize…
— SlowMist (@SlowMist_Team) December 13, 2023
Then, around 11:53 p.m., the owner of the proxy manager made another modification to the contract, and the user continued to exploit the tokens. A SlowMist analysis at the time said the attack was “likely” due to the release of the proxy manager's owner's key.
The DEX proxy was subsequently removed from the platform's trusted list.
The chain's Scopscan also reported the attack, saying users were reporting the incident. After contacting DX, he reported that an abandoned contract had been attacked, but that it had been detected and stopped.
OKX DEX also said it will “fully bear” any user losses caused by the hack.
Users have reported an exploit incident on the #OKX DEX contract.
We contacted them and received the following response.
“The previously abandoned MM contract was attacked, and the attack was detected and stopped.
The losses of the users involved will be fully covered.”
Exploited… pic.twitter.com/GrKUdrnGVk
— Scopescan (@0xScopescan) December 13, 2023
Related: Aerodrome and Velodrome DeFi platforms face front-end hacks
According to a report posted by blockchain security company PeckShield, the total loss of the OKX DEX attack was around $2.7 million in various cryptocurrencies. PeckShield advises users to “please cancel allowances” if any.
In light of the hack, an X user posted a reminder that something “decentralized” doesn't mean its assets are secure:
People say they want decentralization, so builders give them DEXs.
People think we won't lose our assets just because it's decentralized. No you're wrong, you can still get hacked, and today's uncomfortable part with OKX DEX is a “be careful what you wish for” reminder.
— Eugene Ng (@Eug_Ng) December 13, 2023
In the year By September 2023, research shows that the crypto industry has lost $1.5 billion this year due to hacking, exploitation and fraud.
So far in the fourth quarter, Poloniex has experienced an exploit that resulted in over $100 million in digital asset losses, and the HECO Chain bridge hack resulted in over $80 million in losses.
Magazine: This is your brain on crypto: Substance abuse grows among crypto traders
