Blockchain security firm CertiK has issued a warning to iPhone users of the OKX platform, urging them to promptly update their iOS app following the discovery of a significant security flaw in early December. In a communication via X (formerly Twitter) on December 19, CertiK advised all OKX wallet users to ensure they have installed the latest version of the app to mitigate potential security vulnerabilities.
Highlighting their discovery, CertiK stated, “Earlier this month, we identified and reported a critical remote code execution (RCE) vulnerability present in the OKX iOS application. This vulnerability posed a risk of compromising sensitive data and cryptographic assets.” Subsequently, OKX resolved the issue through an “associated update” released on December 19, prompting users to update the iOS app to version 6.45.0. CertiK confirmed the resolution of the security issue following this update.
Remote code execution (RCE) vulnerabilities can allow malicious entities to execute harmful code on an organization's systems or network. This can potentially result in the theft of funds or exposure of sensitive data, posing significant risks to users.
Notably, OKX’s decentralized exchange, OKX DEX, reportedly encountered a security breach on December 13, resulting in a $2.7 million hack. The incident occurred due to the leakage of the private keys belonging to the agent administrator owner.
Ranked as the 10th cryptocurrency exchange on CoinGecko's "Trust Score" rankings with a score of 9/10, OKX had recently expanded its services by launching trading and wallet functionalities in Brazil toward the end of November.
CertiK’s swift action and OKX's subsequent update aim to address and rectify the identified security vulnerability in the iOS app, emphasizing the critical importance of prompt updates to mitigate potential risks for OKX users on the platform.