Dec 13, 2023 Alexander Chelpanov
Understanding the December 2023 OKX DEX Hack
The OKX decetralized exchange has supposedly suffered a hack worth $2.7 million, as reported by numerous security firms online. The attack took place on December 12, 2023, after the Admin account owner for the Proxy smart contract of the platform set a chain of events that led to the drain of the smart contract's funds. As per the official announcement of the incident, OKX DEX is planning to reimburce its users with $370,000 while working on finding the hacker.
We regret to inform you that a deprecated smart contract on OKX Dex has been compromised. We have taken immediate action to secure all user funds and revoke the contract permissions. We are working with relevant agencies to locate the stolen funds and will reimburse affected… pic.twitter.com/zDIjhb3ETz
— OKX Web3 (Wallet | DeFi | NFT) (@okxweb3) December 13, 2023
What Is OKX DEX?
OKX DEX operates as a decentralized exchange, utilizing a sophisticated system of smart contracts to manage and facilitate token exchanges. Central to its operation are the TokenApprove contract and the DEX Proxy. The breach, which transpired on December 12, 2023, exposed vulnerabilities in the platform's security architecture, leading to significant financial implications.
How Did the December 2023 OKX DEX Hack Happen?
According to security firm Slowmist, the breach unfolded through a series of unauthorized upgrades initiated by the Proxy Admin Owner. The first of these upgrades allowed the direct calling of the claimTokens function of the DEX contract to transfer tokens. This action set the stage for attackers to exploit the system, enabling them to divert tokens illicitly. A subsequent upgrade continued to facilitate this theft. The suspected cause of the breach centers around the leakage of the Proxy Admin Owner's private key.
🚨SlowMist Security Alert: OKX DEX Proxy Admin Owner's Private Key Suspected to be Leaked🚨
— SlowMist (@SlowMist_Team) December 13, 2023
According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist's analysis, it was found that when users exchange, they authorize…
Additional Information from Arkham Intelligence
Arkham Intelligence announced a bounty to identify the person or organization behind the OKX DEX exploit. According to Arkham, the OKX DEX attacker is tied to previous breaches involving LunaFi, UnoRe, RVLT, and others. The bounty aims to uncover information leading to the identity of the exploiter or the successful return of funds. Submissions will support the ongoing investigation by OKX. More details can be found on Arkham Intelligence's bounty page.
New Intel Exchange Bounty: OKX DEX Exploit
— Arkham (@ArkhamIntel) December 13, 2023
We've created and funded a bounty to help identify the person or organization behind the recent OKX DEX exploit.
OKX DEX was exploited by a hacker who upgraded a deprecated contract with token approvals, resulting in losses of over… https://t.co/kakhpb05NV pic.twitter.com/k5ztEm51bW
The Aftermath of the OKX DEX Hack
Following the breach, OKX DEX removed the compromised DEX Proxy from its trusted list and initiated measures to secure user funds and prevent future incidents. The platform has also pledged to reimburse affected users with $370k.
