IMG-LOGO

OKX investigates multimillion account thefts after SIM swap attacks

News Feed - 2024-06-12 09:06:47

Zoltan Vardai11 hours agoOKX investigates multimillion account thefts after SIM swap attacksAccording to SlowMist, despite the two similar phishing incidents, OKX’s two-factor authentication mechanism was not the main vulnerability point.4530 Total views19 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksThe OKX cryptocurrency exchange and security partner SlowMist are investigating a multi-million dollar exploit that resulted in two stolen user accounts.


The investigation pertains to the theft of two OKX exchange accounts on June 9 through an SMS attack, also known as a SIM swap. This information was reported by Yu Xian, founder of SlowMist, in a post on X.“The SMS risk notification came from Hong Kong and a new API Key was created (with withdrawal and trading permissions, which is why we suspected a cross-trading intention before, but it seems that it can be ruled out now).”


While the amount stolen through the attack is unclear, Xian wrote that “millions of dollars of assets were stolen.”


Related:Crypto hacks soar to $19B in 13 years: Crystal Intelligence2FA was not the main issue behind the attack: SlowMist


While onchain security firm SlowMist is still investigating the hacker wallet and the underlying incidents, the exchange’s two-factor authentication (2FA) mechanisms may not be the main point of vulnerability.


In a June 9 X post, SlowMist founder Xian wrote:“I haven’t turned on a 2FA authenticator like Google Authenticator, but I’m not sure if this is the key point.”


Cointelegraph has approached OKX and SlowMist for comment.


OKX’s 2FA mechanism allowed the attackers to switch to a low-security verification method, which allowed them to whitelist withdrawal addresses via SMS verification, according to an analysis by Web3 security group Dilation Effect.


However, more sophisticated hackers have recently been bypassing 2FA verification methods. At the beginning of June, a Chinese trader lost $1 million to a scam that used a promotional Google Chrome plugin called Aggr. The plugin steals user cookies, which are used by hackers to bypass passwords and 2FA authentication.$3 billion stolen in hacks — Why are crypto crimes surging? Source:Cointelegraph


Related:Crypto hacks increase in 2024, but smart contracts are not to blamePhishing attacks are on the rise


Phishing attacks were on the rise in June after CoinGecko confirmed a data breach suffered by its third-party email management platform, GetResponse. The breach led to the attacker sending 23,723 phishing emails to victims.


Phishing attacks involve hackers aiming to steal sensitive information like crypto wallet private keys. Other phishing attacks, known as address poisoning scams, aim to trick investors into willingly sending funds to a fraudulent address similar to addresses they previously interacted with.


Private key and personal data leaks have become the biggest reason behind crypto-related hacks, as exploiters are targeting the lowest-hanging fruit.Crypto total losses by vulnerabilities. Source: Merkle Science


Over 55% of hacked digital assets were lost to private key leaks during 2023, according to Merkle Science’s 2024 HackHub report.


Magazine:Roaring Kitty’s GME shares hit $1B, BTC open interest soars, and other news: Hodler’s Digest, June 2–8# Cryptocurrencies# Altcoin# Phishing# Hackers# Hacks# DeFi# OKXAdd reaction