OKX

Quick Summary

OKX DEX suffered an access control exploit on Dec 12, 2023, resulting in a loss of 2,390,976 USD worth of assets, including USDT,
USDC, and WETH.




Details of the Exploit

OKX DEX, a trading aggregator for cross-chain transactions, experienced an access control exploit on December 12, 2023. The proxy
admin owner upgraded the DEX proxy contract to a new implementation contract, which may have led to the compromise of the private
key of the OKX DEX. After the upgrade, tokens started being stolen from the platform. The stolen native ETH was distributed
between three addresses, while the rest of the stolen stable coins were bridged to Arbitrum and Avalanche chains via Stargate
Bridge. The DEX proxy was removed from OKX's platform's trusted list following the incident. The total loss amounted to 2,390,976
USD worth of assets, including 142,034 USDT, 475,929 USDC, and 799.77 WETH.




Block Data Reference

Attackers Addresses:

https://etherscan.io/address/0xFacf375Af906f55453537ca31fFA99053A010239

https://etherscan.io/address/0x0519efacb73a1f10b8198871e58d68864e78b8a5




Funds Holders as of Dec 14, 2023:

https://etherscan.io/address/0xfe55502a57f388a69602b2780071b759a520468f

https://etherscan.io/address/0x22a2931cb2a7b782d65b2b5562829e84d941b0f0

https://etherscan.io/address/0xa15fe801dd5fd31a684c444b6980dbaf0c78d5ad




Malicious Transactions:

https://etherscan.io/tx/0x7a9c03576158b08bd896293fffcb11dd2fcc09c3d896335affee9968b4a1db5c

https://etherscan.io/tx/0x78bfe55b18e53513b5c17869f39cc9cc21f3d6d2b6b44d1ceb9762789449dcd2

https://etherscan.io/tx/0xf69cf6cc56849be0ee93e8651fdf3622639b7a99e1a620c744f3fef8a5743236




Stargate Bridging Transactions:

https://etherscan.io/tx/0xd2b424b17e0959d260df748ef9d8b62120abe64d011ae68e00e8d3874d99ed28

https://etherscan.io/tx/0x444fe10b2487c2c3cfa79fd878f3c0c5f520a9b4e94a44a6ce8e5a2bd8d9dd8b