OKX DEX, a decentralized exchange and cross-chain bridge aggregator, has been exploited, with some wallets that had authorized the platform losing around $400,000.
According to analysis conducted by blockchain security firm SlowMist, the issue revolves around the authorization process when users engage in exchanges on the platform.
Specifically, users authorize the TokenApprove contract, through which the DEX contract transfers the authorized tokens.
The DEX contract includes a claimTokens function that allows a trusted DEX Proxy, managed by the Proxy Admin, to make calls and transfer tokens on behalf of users.
On December 12, the Proxy Admin Owner upgraded the DEX Proxy contract to a new implementation contract via the Proxy Admin.
The new implementation contract introduced functionality that directly called the claimTokens function of the DEX contract to transfer tokens.
Subsequently, attackers took advantage of this upgrade and started exploiting the DEX Proxy by making unauthorized calls to steal tokens.
The Proxy Admin Owner performed another contract upgrade at 23:53:59 on the same day, introducing similar functionality, which further enabled the ongoing token theft.
“This attack may be a result of the Proxy Admin Owner’s private key being leaked,” SlowMist said. “Currently, the DEX Proxy has been removed from the trusted list.”
🚨SlowMist Security Alert: OKX DEX Proxy Admin Owner’s Private Key Suspected to be Leaked🚨
According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist’s analysis, it was found that when users exchange, they authorize…
— SlowMist (@SlowMist_Team) December 13, 2023
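The trust chain described above suggests a monitoring rule: alert when a proxy on the DEX contract's trusted list is upgraded to an implementation that has not passed review, and track every claimTokens call routed through it afterwards. The sketch below is an added example, not code from OKX or SlowMist; it assumes the proxy emits an OpenZeppelin-style Upgraded(implementation) event, and the addresses, the event fields (caller, owner) and the sample events are constructed placeholders.

```python
from dataclasses import dataclass

@dataclass
class Event:
    ts: int        # block timestamp, seconds
    contract: str  # contract that emitted the event or received the call
    name: str      # "Upgraded" (proxy event) or "claimTokens" (decoded call)
    args: dict

# Placeholders, not real addresses.
TRUSTED_PROXIES = {"0xDEX_PROXY"}   # callers the DEX contract trusts for claimTokens
REVIEWED_IMPLS = {"0xIMPL_V1"}      # implementations that passed change review

def detect(events):
    """Flag unreviewed upgrades of trusted proxies, then every claimTokens
    call routed through such a proxy. Returns (alerts, affected_owners)."""
    alerts, affected, unreviewed = [], set(), {}
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.name == "Upgraded" and ev.contract in TRUSTED_PROXIES:
            impl = ev.args["implementation"]
            if impl in REVIEWED_IMPLS:
                unreviewed.pop(ev.contract, None)   # rollback to a known-good build
            else:
                unreviewed[ev.contract] = impl
                alerts.append((ev.ts, "UNREVIEWED_UPGRADE", ev.contract, impl))
        elif ev.name == "claimTokens":
            caller = ev.args["caller"]    # hypothetical field: msg.sender of the call
            if caller in unreviewed:
                owner = ev.args["owner"]  # hypothetical field: wallet whose allowance is spent
                affected.add(owner)
                alerts.append((ev.ts, "CLAIM_VIA_UNREVIEWED_PROXY", caller, owner))
    return alerts, affected

# Constructed sample events (already decoded), not real chain data.
SAMPLE = [
    Event(50,  "0xDEX", "claimTokens", {"caller": "0xDEX_PROXY", "owner": "0xUSER_A"}),
    Event(100, "0xDEX_PROXY", "Upgraded", {"implementation": "0xIMPL_UNKNOWN_1"}),
    Event(160, "0xDEX", "claimTokens", {"caller": "0xDEX_PROXY", "owner": "0xUSER_B"}),
    Event(170, "0xDEX", "claimTokens", {"caller": "0xOTHER_ROUTER", "owner": "0xUSER_C"}),
    Event(300, "0xDEX_PROXY", "Upgraded", {"implementation": "0xIMPL_UNKNOWN_2"}),
    Event(310, "0xDEX", "claimTokens", {"caller": "0xDEX_PROXY", "owner": "0xUSER_D"}),
]

if __name__ == "__main__":
    alerts, affected = detect(SAMPLE)
    for a in alerts:
        print(a)
    print("wallets to notify:", sorted(affected))
```

The affected set is the list of wallets to notify and ask to revoke their allowance to the TokenApprove contract while the proxy is taken off the trusted list.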
OKX Says 18 Addresses Were Hacked
In a comment to crypto journalist Wu Blockchain, OKX reportedly said that 18 address assets authorized for the contract were hacked.
The exchange attributed the incident to “the hack of the management rights of an abandoned OKX DEX market maker contract.”
“The affected contracts have been deactivated and all user assets have been confirmed to be safe,” Wu Blockchain wrote.
The exchange estimated the amount of stolen funds at $370,000, while pledging to compensate the affected users.
OKX stated that due to the hack of the management rights of an abandoned OKX DEX market maker contract, 18 address assets authorized for the contract were hacked. The affected contracts have been deactivated and all user assets have been confirmed to be safe. All affected users…
— Wu Blockchain (@WuBlockchain) December 13, 2023
OKX Enjoys Growing Market Share as Binance Bleeds
Year-to-date, crypto exchanges Upbit, Bybit, and OKX have made the largest gain in spot market share, according to on-chain analytics firm CCData’s Exchange Review.
They increased their dominance by 6.39%, 4.89%, and 3.86% to 9.20%, 5.80%, and 7.41%, respectively.
Meanwhile, Binance, BeQuant, and Crypto.com continue to see the highest decline in market share by spot trading volume, falling by 19.5%, 3.28%, and 2.96% to 31.8%, 0.45%, and 2.03%, respectively.
Looking at derivatives volumes, OKX and Bybit had the highest increase in market share, rising by 2.75% and 0.61% to 24.9% and 14.2%, respectively.
Binance, however, saw the highest decline in market share last month, falling by 2.30% to 47.6%, which was the exchange’s lowest derivatives market share since October 2020.
That said, Binance was the largest derivatives exchange in November by monthly volume, trading $1.26 trillion (up 30.5% compared to October), followed by OKX ($660 billion, up 53.8%) and Bybit ($375 billion, up 42.9%).
OKX and Bybit were the best-performing derivatives exchanges in the last month, recording an increase of 53.8% and 42.9%, respectively.