Hacker steals 5 million RMB in 15 minutes: OKX exchange security vulnerability triggers user panic
A user on the OKX exchange shared their painful experience in a tweet, revealing that 5 million yuan worth of assets were stolen from their account by hackers within 15 minutes. The incident not only left the victim distraught but also raised questions about the security of OKX among its users.
OKX users in panic! Abnormal aggregation of 5.3 BTC, consecutive thefts of user assets, OKX official statement: Investigating the truth, stay calm
Table of Contents
Hacker Breaches Like Walking into an Empty House
A victim took to social media hoping that all users of the OKX exchange could see his experience. Last night, all assets in this user's OKX account, nearly 5 million RMB, were stolen by hackers in just 15 minutes. This amount represented his life savings.
Stolen in the Dead of Night: Caught Off Guard
The incident occurred after 1 am when the victim was about to go to sleep and noticed an email in his inbox. Due to the late hour, he did not check it immediately. It wasn't until he logged back into the exchange that he found his account balance showing zero. Upon checking the transaction records, he was shocked to discover that his BTC and SOL had been converted to USDT and transferred in batches to a newly authorized whitelist address, all without his knowledge.
Why Are Security Measures Useless?
The victim stated that his phone was dedicated for trading, never clicked on any suspicious links, and the emails in his inbox were all unread. However, hackers were able to easily log into his OKX account and add a whitelist withdrawal address without obtaining a verification code. After the incident, he immediately contacted OKX customer service for help, but was only told to "contact the police" and was ignored thereafter.
Questions about OKX Exchange
The victim questioned why OKX, which has always claimed to be the safest platform in the industry, experienced multiple similar theft incidents within a short period. How does the exchange's risk control mechanism work, and why can hackers operate so easily? What's more worrying is why user information is being leaked on a large scale?
Email Vulnerabilities and AI Fraud
One detail in this theft incident is particularly noteworthy: the victim's email remained unread, indicating that hackers may have exploited a security vulnerability in OKX to bypass verification without the user's code. Additionally, there have been reports that someone passed OKX's manual review by using AI video simulation of their profile picture, resetting all verification information.
Lack of Security Measures
The victim criticized OKX's security measures as ineffective, believing that the exchange appears inactive in the face of constantly evolving hacker technology. It is the trust of ordinary users in the platform that has led to OKX's success, yet now the platform seems to disregard user trust.
User Asset Security at Risk
The victim pointed out that keeping assets on OKX is like running around naked with no security. He urged other users, especially those with substantial assets, to move their funds to a safer place. He recommended that regardless of cold or hot wallets, any method is safer than a platform that allows withdrawals to a whitelisted address without a verification code.
In the conclusion of his tweet, the user expressed his helplessness and despair. He hoped that his loss of 5 million RMB would serve as a warning to everyone, urging all to take asset security seriously and not become the next victim. His experience is not only a warning to the OKX exchange but also rings alarm bells for all digital currency users.
Related
- 29-year-old Bitcoin holder murdered in Ukraine, robbed of 3 Bitcoins after being beaten
- Ethereum Foundation email account hacked, promoting Lido staking phishing scam
- Cybersecurity analysis: Vulnerability in OKX not related to "SMS verification"? OKX founder Xu Mingxing: No, if there are losses due to OKX, they will be fully compensated