Recent reports indicate that a decentralized exchange (DEX) aggregator from OKX has been hit with a $2.7 million exploit, as per the findings of security analysts. The OKX DEX exploit is suspected to have been a consequence of the leakage of the DEX’s admin private key, as stated by the security firm SlowMist.
Confirmation of the Exploit
Following the announcement by SlowMist, OKX confirmed that a deprecated smart contract on their DEX had been compromised. The platform assured that it had taken swift measures to secure all user funds and revoke the contract permissions. In a statement, OKX pledged to work with relevant agencies to trace the stolen funds and reimburse the affected users.
PeckShield, another security analysis firm, later corroborated the exploit, stating that the attack resulted in the theft of approximately $2.7 million in crypto assets. Arkham, a blockchain data analytics provider, also confirmed the OKX DEX exploit, suggesting that the attacker likely upgraded a deprecated contract with token approvals, leading to losses exceeding $2.7 million.
Further Insights into the Exploit
According to SlowMist, users authorize token exchanges on the DEX via the TokenApprove contract. The DEX contract can then transfer these tokens by invoking TokenApprove’s functionality. A key player in this process is the DEX Proxy, managed by the Proxy Admin. The Proxy Admin Owner has the authority to upgrade the DEX Proxy contract, enabling it to call the claimTokens function of the TokenApprove contract for token transfers.
SlowMist further added that the OKX DEX exploit may have occurred as a result of the leakage of the Proxy Admin Owner’s private key. The current owner implemented a significant upgrade to the DEX Proxy contract on Dec. 12, which altered the contract’s functionality, allowing it to directly call the claimTokens function of the DEX contract for token transfers — opening up a vulnerability that attackers exploited to steal tokens.
Tracking the Attacker
Arkham has also suggested that the attacker was connected to other exploits, including LunaFi, Uno Re, and RVLT. In an effort to identify the hacker or recover the stolen funds, Arkham has offered a bounty of 5,000 ARKM ($2,250).
While the OKX DEX did not respond to a request for comment, it’s clear that such incidents highlight the importance of robust security measures in the world of cryptocurrencies. Tools like cryptoview.io can be instrumental in tracking and managing your crypto assets, helping you stay informed and secure in the dynamic crypto market.
Start now using our tools for free.
