5 million RMB stolen in 15 minutes OKX All affected users issues have been or will be satisfactorily resolved

Updated on June 12, 2024: OKX Official Clarifies: Affected User Issues Resolved or Will be Resolved Satisfactorily
During the Dragon Boat Festival holiday, the global top three exchange OKX experienced a hacker incident, with many users reporting that their digital assets in their wallets had been stolen by hackers. This has drawn widespread attention from the cryptocurrency community.
OKX officials recently posted on the social platform X to explain the situation, emphasizing that all related users of this incident have already or will soon have their issues resolved and stating that the incident is unrelated to the choice of Google Authenticator or SMS verification.
In addition, it has been confirmed that someone forged judicial investigative documents to obtain individual customer information, and this is currently under investigation by judicial authorities. In the future, OKX officials will also enhance the security level of facial recognition with AI and introduce an expiration mechanism for the address book in personal wallets to prevent similar incidents from happening again.
Original Article on June 11th:
OKX Exchange Hacked
While the cryptocurrency community was supposed to have a peaceful time during the Dragon Boat Festival holiday, it turned out to be anything but. One of the top three global exchanges, OKX, experienced a hacker incident, with multiple users claiming that their digital assets in their wallets were stolen in a short amount of time, resulting in significant losses. This has caused widespread concern within the cryptocurrency community.
On June 9th, a victim named “Leyan” from the Chinese community posted on the social platform Twitter, stating that all his savings, which were worth approximately 5 million Chinese yuan (around 22.5 million New Taiwan dollars), were stolen without any warning, and the entire incident took place in less than 15 minutes.
From the descriptions provided by “Leyan” and other victims, it seems that hackers were able to access their OKX accounts and perform operations without obtaining the users’ verification codes, implying serious vulnerabilities in the security mechanisms of the OKX platform.
Especially in the pictures shared by “Leyan,” it can be seen that although he received multiple notification emails for “adding whitelist withdrawal addresses” and “creating API Keys,” he did not click on the email containing the withdrawal verification code. Yet, all the tokens in his account were still exchanged for the stablecoin USDT and transferred to a whitelist address by the hacker.
Apart from the case of “Leyan,” there were several similar theft incidents within 24 hours, causing even more attention and concern. Another user, “Dr.Hash ‘Wesley’,” uploaded a video stating that his group member had 1 million USDT stolen during the same time period.
Another user, “Yike Lu Dan,” reported on the community that his friend had 800,000 USDT stolen. These incidents followed a similar pattern, involving spam email attacks, massive purchases of Ethereum, and withdrawals using mobile verification codes.
How Can Users Protect Themselves?
This security incident has caused anxiety among many community users. To protect oneself in the Web3 world, it is recommended to consider the following measures to reduce the chances of being hacked:
Enable Google Authenticator + SMS verification + receive verification codes through email + scan QR codes + change passwords + facial recognition.
Disable cloud synchronization for Google Authenticator.
Require facial recognition every time Google Authenticator is opened.
Avoid connecting to networks that are not owned.
Do not click on unofficial links.
Block various advertising accounts in the comment section.
If possible, use a phone that only has a specific app for “exchanges and wallets and does not download any other apps.”
OKX Official Response
The OKX Chinese official community also provided an official response on X. They emphasized that they are currently in contact with the victims and will announce detailed results after the investigation. They also promised to take responsibility if the incident is indeed due to platform issues.
OKX founder Xu Mingxing also admitted, “OKX’s address book function does need improvement,” and if users have any questions, they can contact customer service for verification.
These series of theft incidents involving OKX users’ assets have not only caused significant losses to the victims but also undermined users’ trust in cryptocurrency trading platforms. As the cryptocurrency industry continues to mature, it is expected that more technological innovations will be implemented to enhance security measures on exchanges and reduce the likelihood of such incidents occurring.