OKX’s decentralized exchange (DEX) has suffered a security breach, according to blockchain security firm SlowMist Zone. The issue involves the DEX contract, which allows users to authorize the TokenApprove contract and transfer tokens through the DEX contract’s claimTokens function. A trusted DEX proxy, managed by the Proxy Admin, is used to invoke this function. On December 12, 2023, the Proxy Admin Owner upgraded the DEX Proxy contract to a new implementation contract, allowing for direct calls to the claimTokens function of the DEX contract. Attackers quickly took advantage of this vulnerability and began stealing tokens through the DEX proxy. As of now, the attacker has made off with approximately 430,000 USTC tokens. SlowMist Zone suggests that this attack may be due to a private key being compromised.
OKX DEX Hacked: 430,000 USTC Stolen in Proxy Contract Flaw!
- 1 minute read
Crypto Live News