OKX probes multi-million account thefts following SIM swaps

Even though there were two phishing attacks that were quite similar, SlowMist claims that OKX’s two-factor authentication was not the primary weak spot.

The crypto exchange OKX and its security partner SlowMist are investigating the compromise of two user accounts that resulted in multi-million dollar losses.

The inquiry concerns the June 9th SMS attack (a SIM swap) that resulted in the theft of two OKX exchange accounts. The founder of SlowMist, Yu Xian, posted this information on X.

Xian said that “millions of dollars of assets were taken,” although he did not specify how much was stolen in the incident.

The hacker’s wallet and the events leading up to the incident are still under investigation by onchain security company SlowMist, but the exchange’s two-factor authentication (2FA) systems may not be the biggest weak spot.

Xian, founder of SlowMist, wrote in a June 9th post on X: “I am uncertain whether this is the main point, but I haven’t enabled a two-factor authentication tool like Google Authenticator.”

Cointelegraph has reached out to SlowMist and OKX for comment.

Based on its findings, the Web3 security group Dilation Effect concluded that the attackers were able to bypass OKX’s 2FA system by switching to a less secure verification approach, which let them whitelist withdrawal addresses using SMS verification.

However, increasingly advanced cybercriminals have recently started evading two-factor authentication systems. In early June, a scam using a promotional Google Chrome plugin named Aggr caused a Chinese trader to lose $1 million. Hackers can use the plugin to harvest users’ cookies, which allows them to circumvent passwords and two-factor authentication.
