untitled design

Two OKX accounts were hacked via SMS verification

On June 9, 2024, unknown hackers gained access to two user accounts on the OKX crypto exchange. They managed to create new API keys with the right to trade and withdraw funds, analysts of the SlowMist platform report.

In their publication on X (formerly Twitter), experts revealed details of the incident. As it turns out, both victims did not use the Google Authenticator app to log into their accounts. Instead, they were verified by sending SMS messages or email.

According to SlowMist, during the next verification, hackers intercepted the code that came in an SMS message. After this, they were able to log into the account and withdraw user funds.

Judging by the screenshots, the attackers made several transactions with crypto assets in Ethereum and Tether (USDT). The exact amount of the hack is unknown.

Meanwhile, experts managed to identify the addresses of the wallets to which client funds were withdrawn. The SlowMist team continues to monitor the situation to identify the attackers and forward their data to the appropriate authorities.

Representatives of the OKX crypto exchange in China commented on the news about account hacking:

According to them, the exchange contacted the affected users and began its own investigation. She urged to wait for its completion and not to make hasty conclusions.

According to journalist Colin Wu, connecting Google Authenticator is not a mandatory procedure on OKX. Often, clients are limited to using email and SMS, which increases the risk of funds being stolen.

Source: Cryptocurrency

You may also like

Get the latest

Stay Informed: Get the Latest Updates and Insights


Most popular