Cryptocurrency exchange OKX has recently experienced several events that have caused concern among users:
Event one, it was discovered that the exchange wallet was abnormally consolidated using high Gas Fees (consolidating asset storage addresses).
Event two, multiple users reported receiving abnormal email notifications, with malicious mobile verification codes leading to asset transfers.
Currently, event one has been officially explained and the situation is under control; event two is still under investigation according to officials, but external cybersecurity teams are assisting the community in prevention.
OKX Panic Event One: Abnormal Consolidation
OKX Panic Event Two: User Assets Continuously Stolen
Enable 2FA Verification
OK Responds to User Theft Event
In a series of actions seen as asset consolidation, OKX spent 5.3 BTC on transaction fees, which is highly abnormal. Observers noticed this and raised concerns. Similar events have occurred in the past with Binance as well.
In response, OKX officially explained, “We were testing a consolidation procedure at that time, which had already been stopped when questioned.”
Several mainland Chinese users on Twitter have reported being stolen amounts like 1 million USDT or 800,000 USDT, and encountering similar abnormal situations.
Twitter account @AsAnEgg stated that these individuals all experienced the following abnormal conditions:
– OK-related emails were bombarded with spam
– Ethereum was bought at market price frantically
– Ethereum was withdrawn using SMS verification codes
Moreover, their iPhones were used only for trading and had not clicked on any links.
Cybersecurity expert Yu Xian pointed out that besides the above characteristics, victims’ SMS notifications all came from Hong Kong, and new API Keys were created (with withdrawal and trading permissions). He believes that there is an intentional criminal group behind this, and relevant addresses are currently being tracked.
Yu Xian, a cybersecurity expert, mentioned that all the victims had not enabled 2FA verification. Although it is unclear if they are related, basic protection measures should still be taken.
In response to Chain News, OKX stated that they take the “user assets being stolen on the trading platform” feedback from the internet today very seriously. They have already contacted the relevant users and are currently investigating the situation. If the platform is found to be at fault, they will take the initiative to take responsibility. Additionally, the platform will announce the results as soon as the investigation is concluded, and they ask everyone to patiently wait and refrain from unnecessary speculation.