Crypto Mania

OKX DEX Hacked: 430,000 USTC Stolen in Proxy Contract Flaw!

Crypto Live News

Author: Mustafa Mulla

Mustafa has been writing about Blockchain and crypto since many years. He has previous trading experience and has been working in the Fintech industry since 2017.

OKX’s decentralized exchange (DEX) has suffered a security breach, according to blockchain security firm SlowMist Zone. The issue involves the DEX contract, which allows users to authorize the TokenApprove contract and transfer tokens through the DEX contract’s claimTokens function. A trusted DEX proxy, managed by the Proxy Admin, is used to invoke this function. On December 12, 2023, the Proxy Admin Owner upgraded the DEX Proxy contract to a new implementation contract, allowing for direct calls to the claimTokens function of the DEX contract. Attackers quickly took advantage of this vulnerability and began stealing tokens through the DEX proxy. As of now, the attacker has made off with approximately 430,000 USTC tokens. SlowMist Zone suggests that this attack may be due to a private key being compromised. 

Source link