Hackers have allegedly targeted OKX, stealing funds from at least two accounts in a sophisticated attack involving SMS risk notifications and the creation of new API keys.
Crypto exchange OKX has reportedly been targeted by hackers, with at least two users reporting their funds were drained after receiving SMS risk notifications from Hong Kong.
According to SlowMist founder Yu Xian, an unidentified entity created new API keys with withdrawal and trading permissions, allowing it to swap and drain the coins from the platform. OKX’s Chinese branch stated in a Jun. 9 post on X that the exchange has reached out to the affected users and is currently investigating the incidents.
“If it’s finally determined that the platform is responsible, the platform will take the initiative to bear it. In addition, we will announce the results as soon as the relevant investigation is completed.”
As of press time, the full extent of the attack remains unclear, and it’s yet to be seen how exactly the hackers managed to hijack the trading accounts.
SIM swapping, a form of phone hijacking, has long been a significant threat to crypto investors, with even major industry players falling victim. For instance, in 2021, Coinbase disclosed that hackers had stolen crypto from about 6,000 users by bypassing multi-factor authentication in a suspected phishing campaign that involved hijacking two-factor authentication SMS messages.
Other incidents have involved hijackers porting phone numbers to intercept one-time passwords and validate transactions or change account credentials. In response, many major crypto companies have moved away from SMS-based two-factor authentication, though some still rely on this authentication method.