- $11.6 million was stolen from QuantMatter's OKX institutional account.
- The hacker added whitelist addresses, converted funds into BTC, ETH, USDC, and USDT, and transferred them to an on-chain address.
- OKX has enhanced its security by improving judicial cooperation, introducing a verification mechanism, and strengthening AI face recognition.
Singapore market maker QuantMatter reported that $11.6 million was abruptly stolen from its OKX institutional account on May 30.
According to Wu Blockchain, the hacker added whitelist addresses, converted the funds into BTC, ETH, USDC, and USDT, and transferred them to an on-chain address. The funds have not moved since. It is believed that the hacker used offline GA verification to steal the coins, having compromised the market maker's GA.
A user named "Crypto LaLa," QuantMatter's operation manager confirmed the hack on X (formerly Twitter).
“All of my fund vanished in just 25 minutes! No email notification, no 2FA, nothing,” wrote Crypto LaLa. “I still can't believe how all my OKX account money was stolen like this. I saw some cases where it was caused by a Google Chrome extension, but that’s not the case for me. My OKX account got hacked, which means it could happen to anyone. Literally any user on OKX.”
Previously, on June 10, two OKX users reported that security vulnerabilities on social networks allowed hackers to access their accounts and drain their wallets. Blockchain security firm SlowMist noted that in both cases, a new API key was generated after users received a risk warning SMS from Hong Kong, verifying the account owner where the transaction occurred.
According to Slowmist, two OKX accounts were stolen this morning, and hackers created new API Keys with trading and withdrawal permissions. None of the victims used Google Authenticator, but instead used SMS or email verification. Hackers hijacked mobile phone verification codes… https://t.co/I9irUcfe6Q
— Wu Blockchain (@WuBlockchain) June 9, 2024
OKX Chinese on X addressed the recent security incidents in individual customer accounts, stating that all affected users have been or will be promptly assisted. The incident is unrelated to the use of Google Authenticator or SMS verification, though OKX recommends using Google Authenticator.
The crypto exchange emphasized that its customer account security system has over 10 years of successful testing and is committed to compensating customers for losses caused by OKX. It was revealed that forged judicial documents led to the information leak of a few customers, which is currently under investigation.
In response, OKX has enhanced its judicial cooperation process, introduced a verification mechanism, and strengthened AI face recognition security. Future measures include an expiration mechanism for address book authentication. No new cases of theft or information leakage have been reported.
Edited by Harshajit Sarmah
