The centralized cryptocurrency exchange OKX’s multi-chain and cross-chain trading aggregator OKX DEX was targeted in a cyber-attack. According to the report by Chinese Blockchain and cryptocurrency journalist Colin Wu, the attack resulted in the theft of over $400,000 from certain wallet addresses authorized for OKX DEX.
In a statement from OKX DEX, it was reported that the trading aggregator was targeted and that the tool used for the attack was removed. The attack is thought to have occurred after the leakage of the private key of a wallet address starting with 0xFacf.
In a detailed statement following the attack, OKX exchange announced that funds were stolen from 18 authorized wallet addresses as a result of the hacking of the management rights of an unused OKX DEX market maker contract. It was confirmed that all affected contracts were disabled and that user assets were secure.
The amount of stolen funds was initially claimed to be $424,000 but was later reported to be approximately $370,000. OKX also announced that all stolen funds would be refunded.
Additionally, the exchange declared that a comprehensive security review would be conducted in relation to the attack and that all unused contracts related to OKX DEX would be reorganized.