OKX has seen significant outflows, with $204 million withdrawn in the past 24 hours and $630 million in the past week, exceeding outflows from other prominent cryptocurrency exchanges.
The increase in withdrawals comes from multiple security controversies that may have undermined user trust.
OKX design error
On June 9, two OKX users lost a large amount of money in a suspected SIM swap attack due to a vulnerability in the exchange's two-factor authentication (2FA) security system, resulting in their accounts being hacked.
Blockchain security company SlowMist founder Yu Xian claimed Users from Hong Kong were sent SMS risk notifications before a new API key was generated to verify their accounts.
This has also been validated by security analysts at Dilation Effect, who It has been identified Vulnerability in OKX's authentication system. They found that although users link their accounts to Google Authenticator (GA) for added security, OKX allows customers to switch to lower security verification methods during sensitive operations, bypassing GA verification.
When sensitive operations occur, such as disabling GA verification on the phone or changing the login password, 24-hour withdrawal block risk controls are not activated. For password changes, this action only runs when you sign in from a new device.
DE also said that withdrawals to whitelisted addresses are not subject to dynamic verification based on withdrawal amounts. Once an address is whitelisted, it allows unlimited withdrawals within the limit without additional verification, unlike other exchanges, which impose limits and require re-verification if exceeded.
The platform said OKX's security settings lack basic design and has made several compromises that potentially enhance the user experience.
OKX begins investigation
Prior to this, malicious entities used artificial intelligence (AI) to craft fake videos, further compromising the exchange's security.
In response to these incidents, OKX said it had done so I started Investigate and communicate with affected users. The exchange also urged its clients to enable two-factor authentication to enhance security. Despite these efforts, the recurring security problem has led to a wave of… Withdrawals As users look for safer alternatives.
Free Binance $600 (Exclusively for CryptoPotato): Use this link to register a new account and get an exclusive $600 welcome offer on Binance (Full details).
BYDFi Exchange 2024 Limited Offer: Welcome Bonus up to 2,888 USD, use this link to register and open a position worth 100 USDT-M for free!