- Hackers compromised two OKX accounts without the victims utilizing Google Authenticator by creating new API keys.
- Last week, a Binance user faced similar theft losing over $1 million in crypto due to a cross-trading plugin.
- SlowMist’s tracking team continuously monitors the hacker wallet addresses implicated in both cases.
The number of crypto thefts is increasing day by day as hackers come up with innovative methods to siphon off user funds. Recently, users of crypto exchange OKX claimed that the platform’s sms notification security was breached and a major theft was committed.
Two OKX Accounts were Hacked
On June 9, SlowMist revealed that two victims’ OKX exchange accounts had been hacked utilizing strikingly identical techniques and characteristics. The platform also stated that these events involved SMS risk notification alerts sent from “Hong Kong”, accessed by establishing new API keys with withdrawal and trading capabilities.
DMM Bitcoin Plans $321M Recovery After Major HackInitially thought to be cross-trading attempts, this notion has now been disproven. Last week, a Binance customer had a similar heist, losing over $1 million in cryptocurrency owing to a cross-trading plugin.
Binance Users Experienced Similar Attacks
This Binance account might have been hacked after downloading the Google extension Aggr, which KOLs advocated. On May 24, a Chinese user used this plug-in, leading to the theft of $1 million through cross-trading.
Another Binance user’s assets were taken on March 1. Hackers utilize hijacked cookies to circumvent password/2FA verification and get access to the victim’s Binance account.
MistTrack’s Report
A prepared gang carried out the attacks with great concentration. SlowMist’s tracking team, MistTrack, continuously monitors the hacker wallet addresses involved in both events and will offer updates as they become available. However, details about the instances will not be revealed without the victims’ permission.
OKX Takes Responsibility for Losses
OKX has replied to claims of stolen user assets that circulated online today. The exchange has contacted the impacted users and is now examining the instances.
In a statement, OKX reaffirmed its commitment to resolve the matter, stating that if the platform is guilty, it will accept full responsibility for the damages. The exchange has vowed to reveal the inquiry results as soon as they are ready and has advised users to be patient and avoid excessive speculation.