Article 6NE9T OKX Investigates Reported Theft Case Following SMS Notification Security Failure

OKX Investigates Reported Theft Case Following SMS Notification Security Failure

by
Rida Fatima
from Techreport on (#6NE9T)
code-pano_22148-1200x675.jpg

The rise in crypto theft incidents is becoming alarming. Hackers keep advancing their skills by employing increasingly sophisticated techniques to steal user funds. The latest victim is the prominent crypto exchange OKX, which has suffered significant security breaches due to its SMS notification system vulnerabilities.

OKX Deals with Crypto Theft

A Sunday morning report revealed that some bad actors compromised the accounts of two OKX users. The methods used in both cases were strikingly similar, indicating a potentially coordinated attack.

According to the report, the breaches involved notifications of SMS risk originating from Hong Kong and creating new API keys with permissions for trading and withdrawals.

Notably, a crucial aspect of these breaches is the victims' failure to enable two-factor authentication (2FA) tools such as Google Authenticator. While it is unclear if this oversight was the key factor in the security failures, it highlights the importance of functional security practices.

Initially, these incidents were suspected to be related to cross-trading attempts. They appeared just like a recent theft on Binance, where a user lost over $1 million due to a cross-trading plugin.

However, this theory has since been dismissed, suggesting that the hackers used different means to exploit the SMS notification system. The attackers, believed to be part of a premeditated and organized group, executed their plan in a focused and effective manner.

Meanwhile, SlowMist's tracking team is monitoring the wallet addresses involved in both hack incidents. The team has promised to provide updates as more information becomes available.

OKX Promises Thorough Investigation

The crypto exchange has swiftly addressed recent reports of stolen user assets. It has taken immediate action by contacting the victims and launching a comprehensive investigation into the case.

In an official statement, OKX reassures users of its dedication to resolving the issue. It stated that if the platform is found to be at fault, it will take full responsibility for any losses incurred.

Furthermore, the exchange has pledged transparency and promised to announce the investigation results immediately after they become available.

Meanwhile, these recent incidents follow a sophisticated attack on another major exchange, Binance. In the case of Binance, the hacker used a unique approach to prevent their account from being detectable.

By exploiting web cookies, the hacker could execute large trades in the USDT trading pair, known for its high liquidity. These hacks take the form of SIM swapping, also known as phone hijacking. This theft incident has significantly threatened several crypto investors and even major industry players.

The technique typically involves hackers hijacking a victim's phone number. This allows them to intercept security codes sent via SMS and gain unauthorized access to accounts.

A good example of such theft occurred in 2021 when Coinbase, a popular crypto exchange, reported a serious breach. At the time, the exchange saw approximately 6,000 users lose their crypto assets to the hackers.

The attackers reportedly bypassed multi-factor authentication by hijacking SMS messages used for two-factor authentication (2FA).

The post OKX Investigates Reported Theft Case Following SMS Notification Security Failure appeared first on The Tech Report.

External Content
Source RSS or Atom Feed
Feed Location https://techreport.com/feed/
Feed Title Techreport
Feed Link https://techreport.com/
Reply 0 comments