
- A private key compromise allowed the attacker to transfer unauthorized tokens.
- OKX admitted the exploit and said it would compensate victims.
Crypto funds worth more than $400,000 have been stolen from OKX DEX, a decentralized exchange aggregator platform, according to blockchain security firm SlowMist.
Decoding the modus operandi
The exploit was attributed to a compromise of the management rights of a market maker contract, which allowed the attacker to transfer tokens that were not authorized by the users.
OKX DEX, an offering from the popular centralized exchange OKX [OKB], combines the trading prices across all integrated third-party DEXs and recommends the best trading price to users.
When users want to send tokens, they must first grant an allowance to a TokenApprove contract, which allows the funds to be claimed on their behalf by the recipient. The contract’s claimTokens function is then called, completing the transfer.
However, late on December 12, an account holding manager rights over the contract maliciously changed its functionality. This was most likely the result of that account’s private key being leaked.
According to SlowMist, the new implementation bypassed the authorization check, allowing the attacker to call the claimTokens function directly. As a result, the attacker was able to drain thousands of dollars from users’ wallets.
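As an added illustration that is not OKX’s or SlowMist’s code, the constructed Solidity contract below models the approval-and-claim pattern described above: users grant an allowance to TokenApprove, and only allow-listed callers may invoke claimTokens. It treats the “management rights” generically as an owner-controlled allow-list (an assumption; the article does not describe the actual upgrade mechanism) and shows the mitigation a practitioner would want: privileged changes are queued behind a delay and emit events, while revocation takes effect immediately.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Illustrative approval-and-claim contract (constructed for this article, not OKX's code).
// Users grant ERC-20 allowances to this contract; only allow-listed router contracts may
// pull funds through claimTokens, so the allow-list is the security boundary.
contract TokenApprove {
    uint256 public constant DELAY = 2 days;  // assumed review window before a new caller goes live
    address public immutable owner;          // expected to be a multisig, never a single hot key
    mapping(address => bool) public isAuthorizedCaller;
    mapping(address => uint256) public pendingCallerEta;

    event CallerQueued(address indexed caller, uint256 eta);
    event CallerSet(address indexed caller, bool ok);

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }
    constructor(address owner_) { owner = owner_; }

    // Step 1: queue a new authorized caller. The event gives monitors and users
    // DELAY seconds to notice an unexpected change and revoke their allowances.
    function queueAuthorizedCaller(address caller) external onlyOwner {
        pendingCallerEta[caller] = block.timestamp + DELAY;
        emit CallerQueued(caller, pendingCallerEta[caller]);
    }
    // Step 2: activate the caller only after the delay has elapsed.
    function applyAuthorizedCaller(address caller) external onlyOwner {
        uint256 eta = pendingCallerEta[caller];
        require(eta != 0 && block.timestamp >= eta, "delay not elapsed");
        delete pendingCallerEta[caller];
        isAuthorizedCaller[caller] = true;
        emit CallerSet(caller, true);
    }
    // Revocation is immediate: removing a caller only reduces exposure.
    function revokeAuthorizedCaller(address caller) external onlyOwner {
        isAuthorizedCaller[caller] = false;
        emit CallerSet(caller, false);
    }
    // Pulls `amount` of `token` from `from` to `to` using the allowance the user gave
    // this contract. Without the caller check, anyone could route any user's allowance
    // to any recipient, which is the failure mode described above.
    function claimTokens(address token, address from, address to, uint256 amount) external {
        require(isAuthorizedCaller[msg.sender], "caller not authorized");
        require(IERC20(token).transferFrom(from, to, amount), "transferFrom failed");
    }
}
```

Users should also revoke allowances granted to contracts they no longer use, since an allowance outlives the front end that requested it.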
SlowMist flagged the address of the suspected attacker, along with the address where the proceeds from the hack would go.
OKX will compensate users
In response to the claims, OKX admitted to the exploit and linked it to an abandoned DEX contract that was no longer in use. It said the affected contracts have since been deactivated.
The exchange estimated the stolen amount at approximately $370,000 and assured affected users that they would be compensated. It said the remaining user assets were safe.
OKX stated that it would perform a security check on abandoned smart contracts to prevent such issues in the future.
The incident underscored the security risks associated with decentralized finance (DeFi) transactions and the need for greater oversight.
The exploit did not appear to materially damage OKX’s native token, OKB. The exchange token posted a 24-hour gain of 2.9%, AMBCrypto noted, citing CoinMarketCap data.
