The OKX decentralized exchange (DEX) experienced a substantial security breach, resulting in a $2.7 million loss due to the reported leakage of the proxy admin owner’s private key. The incident unfolded on December 13 when an upgrade to the DEX proxy contract paved the way for an attacker to exploit tokens. The situation escalated further when, during a subsequent contract upgrade, the user continued exploiting tokens, raising suspicions of a potential leak of the proxy admin owner’s key. SlowMist Zone and Scopescan, blockchain security firms, reported the attack, and PeckShield later estimated the total loss to be around $2.7 million in various cryptocurrencies.
In response to the breach, OKX DEX promptly removed the compromised DEX proxy from its trusted list. The blockchain security firm PeckShield advised users to revoke allowances in the aftermath of the attack. The incident underscores the persistent challenges faced by decentralized exchanges in maintaining robust security measures and highlights the importance of user vigilance and rapid response to mitigate the impact of such breaches. OKX DEX assured users that any losses incurred due to the hack would be fully borne by the platform, emphasizing its commitment to addressing the aftermath of the security incident.
