OKX DEX loses $2.7M after proxy admin contract upgrade

Experience the Most Powerful DEX Aggregator | Crypto Trading

OKX decentralized exchange (DEX) faced a $2.7 million theft on December 13 due to a reported leak of the private key belonging to the proxy admin owner.

Security firm SlowMist Zone was the first to reveal in a social media post that OKX DEX had encountered an exploit.

“According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist’s analysis, it was found that when users exchange, they authorize the TokenApprove contract, and the DEX contract transfers the user’s tokens by calling the TokenApprove contract,” SlowMist said.

As per the report, the problem started on December 12 after the proxy admin owner upgraded the DEX proxy contract to a new implementation contract, leading to token theft by a user.

“On December 12, 2023, at 22:23:47, the Proxy Admin Owner upgraded the DEX Proxy contract to a new implementation contract through the Proxy Admin. The new implementation contract’s functionality is to directly call the claimTokens function of the DEX contract to transfer tokens,” said SlowMist.

Around 11:53 pm UTC, the proxy admin owner upgraded the contract again, and the user kept exploiting tokens. According to SlowMist’s analysis at that time, the attack may have been due to the leaked key of the proxy admin owner.

The platform removed the DEX proxy from its trusted list afterward.

Scopescan, an on-chain analysis firm, confirmed the attack based on user reports. They reached out to OKX and were informed that an old abandoned contract had been targeted but was found and halted.

“Users reported an exploit event on the #OKX DEX contract. We have contacted them and got the following response: The old abandoned MM contract was attacked, and the attack has been located and stopped. The losses of the users involved will be fully borne,” said Scopescan in a social media post.

PeckShield, a blockchain security company, reported that the total loss from the exploit was approximately $2.7 million across different cryptocurrencies.

“PeckShieldAlert #OKX #DEX suffered a Private Key Leakage attack, resulting in ~$2.76M worth of cryptos being stolen. Please *Revoke* your allowance if any,” said PeckShield in a post.

OKX DEX said it would fully cover any losses suffered by users due to the exploit.

OKX among companies achieving largest increase in spot market share, analyst says

Upbit, Bybit and OKX have shown the biggest spot market share increase this year, per a report by CCData, an on-chain analytics firm.

Their dominance rose by 6.39, 4.89 and 3.86 percent, respectively, reaching 9.20, 5.80 and 7.41 percent each.

Regarding derivatives volumes, OKX and Bybit saw the most significant rise in market share, increasing by 2.75 and 0.61 percent to reach 24.9 and 14.2 percent, respectively.

OKX and Bybit were the best-performing derivatives exchanges last month, recording an increase of 53.8 and 42.9 percent, respectively.

Meanwhile, Binance, BeQuant and Crypto.com are experiencing the most significant decline in market share through spot trading volume, dropping by 19.5 percent, 3.28 and 2.96 percent to 31.8, 0.45 and 2.03 percent, respectively.

Binance also experienced the largest decrease in market share last month, dropping by 2.30 percent to 47.6 percent, marking the exchange’s lowest derivatives market share since October 2020.

That said, in November, Binance led as the largest derivatives exchange by monthly volume, trading $1.26 trillion. It was followed by OKX, trading $660 billion, and Bybit, trading $375 billion.