On December 13, the OKX decentralized exchange (DEX) encountered a hack that amounted to $2.7 million in losses, reportedly stemming from leaked private keys of the agent administrator owner.
Blockchain security company SlowMist Zone took to social media on December 13 to report a problem with OKX DEX. The incident commenced on December 12, 2023, at approximately 10:23 PM UTC when the agent administrator owner updated the DEX agent contract to a new implementation contract. This action led to users seizing tokens from the platform.
Around 11:53 PM UTC, the proxy administrator owner performed another contract upgrade, during which users continued exploiting the tokens. SlowMist's initial analysis suggested that the breach might have resulted from the leaked key of the agent administrator.
Consequently, the DEX agent was delisted from the platform's trusted list. On-chain analytics firm Scopescan corroborated the attack, reporting user claims and subsequent confirmation from the DEX that an old abandoned contract had been compromised but was discovered and blocked.
OKX DEX announced that they would take full responsibility for user losses incurred during the hack. According to blockchain security company PeckShield, the overall loss of various cryptocurrencies resulting from the OKX DEX attack totaled around $2.7 million. PeckShield recommended users to withdraw any holdings they might have.
In response to the incident, a user reminded the community that the term "decentralized" does not automatically ensure safety. Recent research indicated that the crypto industry suffered losses amounting to $1.5 billion in the current year due to hacks, exploits, and scams as of September 2023.
During the ongoing Q4, Poloniex faced breaches causing over $100 million in digital asset losses, while the HECO Chain bridge hack resulted in over $80 million in losses.
