On June 9, 2024, unknown hackers gained access to two user accounts on the OKX crypto exchange. They managed to create new API keys with the right to trade and withdraw funds, analysts of the SlowMist platform report.
两个不同的受害者,今天凌晨遭遇的交易所账号被盗币事件的手法及一些特征居然是相似的,除了 @AsAnEgg API Key(有提现、交易权限,这也是为什么之前怀疑有对敲意图,目前看来可以排除了)。… https://t.co/pqIjqLhmkB
— Cos(余弦)😶🌫️ (@evilcos) June 9, 2024
In their publication on X (formerly Twitter), experts revealed details of the incident. As it turns out, both victims did not use the Google Authenticator app to log into their accounts. Instead, they were verified by sending SMS messages or email.
According to SlowMist, during the next verification, hackers intercepted the code that came in an SMS message. After this, they were able to log into the account and withdraw user funds.
Judging by the screenshots, the attackers made several transactions with crypto assets in Ethereum and Tether (USDT). The exact amount of the hack is unknown.
Meanwhile, experts managed to identify the addresses of the wallets to which client funds were withdrawn. The SlowMist team continues to monitor the situation to identify the attackers and forward their data to the appropriate authorities.
Representatives of the OKX crypto exchange in China commented on the news about account hacking:
关于今日网络反馈的“交易所用户资产被盗”情况我们十分重视,已经与相关用户取得联系,如最终确定为调查结束后第一时间公布结果,请各位耐心等待并停止不必要的猜测。感谢大家的支持。
— OKX中文 (@okxchinese) June 9, 2024
According to them, the exchange contacted the affected users and began its own investigation. She urged to wait for its completion and not to make hasty conclusions.
According to journalist Colin Wu, connecting Google Authenticator is not a mandatory procedure on OKX. Often, clients are limited to using email and SMS, which increases the risk of funds being stolen.
OKX responded that it has contacted the relevant users and is currently investigating the relevant situation. The community feedback shows that OKX’s mandatory use of Google Authenticator is relatively rare, and email + SMS can be used for verification, which increases the risk… https://t.co/MmRSLXohBt
— Wu Blockchain (@WuBlockchain) June 10, 2024
Source: Cryptocurrency
I am an experienced journalist and writer with a career in the news industry. My focus is on covering Top News stories for World Stock Market, where I provide comprehensive analysis and commentary on markets around the world. I have expertise in writing both long-form articles and shorter pieces that deliver timely, relevant updates to readers.
