Hackers have successfully stolen funds from OKX users in a SIM swap attack that took place on June 9. This incident involved the theft of an undisclosed amount of money from two users after they received a deceptive SMS notification that appeared to be from the exchange itself.
This recent attack comes on the heels of a deepfake incident on OKX that occurred last week. In that case, cybercriminals utilized AI-generated videos to bypass the exchange’s security measures.
According to Yu Xian, the founder of blockchain security firm SlowMist, the latest theft was carried out through a sophisticated SMS attack. The hackers sent a falsified notification that seemed to originate from Hong Kong, leading the victims to create new API keys with withdrawal and trading authorizations. The methods used in both incidents were notably similar, suggesting that they may have been orchestrated by the same group of individuals.
Initially, it was suspected that the OKX SIM swap hack was related to cross-trading motives, but this theory has since been dismissed. OKX responded to the situation with a detailed update in a post on X, confirming the breach and assuring users that it was actively investigating the matter.
At present, the exact details of how the hackers managed to infiltrate OKX’s authentication systems remain unclear. Some members of the crypto community speculate that the theft could be attributed to a SIM swap breach.
A SIM swap attack involves a hacker tricking a mobile carrier into transferring a user’s phone number to a new SIM card under their control. This allows the hacker to intercept sensitive information, such as two-factor authentication codes, potentially granting them unauthorized access to online accounts.
OKX, the third-largest cryptocurrency exchange by trading volume, has faced ongoing security challenges. Despite being a popular platform for trading digital assets, the company has struggled to fend off malicious actors.
In a previous incident, deepfake scammers managed to steal $2 million from an OKX user after exploiting a major Telegram data breach. This breach exposed the customer’s personal information, which was then used to gain access to their OKX account and carry out the theft.
As OKX users continue to grapple with security issues, it is crucial for individuals to remain vigilant and take necessary precautions to safeguard their assets and personal information.