• Mon. Oct 7th, 2024

After CertiK’s Warning, OKX Address Security Issues in iOS App

Maria Bartiromo

ByMaria Bartiromo

Dec 21, 2023

The cryptocurrency exchange OKX has reacted quickly to a severe security vulnerability in its iOS wallet app. Leading blockchain security firm, CertiK discovered the vulnerability, which prompted OKX to fix the problem promptly and guarantee the security of user funds.

Following CertiK’s notification of the security vulnerability, OKX promptly resolved it. The exchange confirmed in a public statement that there was a bug in its iOS wallet app. It reassured users that all necessary measures had been taken to release an update that fixed the security issue.

According to its assessment, the exchange made it clear that the discovered vulnerability did not immediately threaten the security of user assets. To be safe, OKX advised all users of the iOS app to update to the most recent version—6.45.0, to be exact—as this version has the critical security flaw successfully fixed.

Company Public Statement Misses Information In Security Flaw

The public statements omitted explicit information about the type of security flaw and the specifics of the vulnerability. A standard practice in the industry is to stop bad actors from taking advantage of the vulnerability before users have had a chance to update their applications.

Previous reports had it that hackers were responsible for stealing almost $363 million in digital assets only in November, with Poloniex topping the list with an accumulated loss of  $114 million. HTX, previously Huobi, was next on the chart with  $100 million, followed by Heco, a decentralized energy-serving chain.

Users Advised To Stick to Exchange Advices, CertiK Disclosed RCE

Reports say that the findings by CertiK have disclosed Remote Code Execution (RCE) issues in the app. The RCE has been described as a feature that allows hackers to manipulate any device remotely from any part of the world. CertiK warned that this vulnerability will severely threaten the user’s digital assets and personal data.

Last week, on the 13th of December, OKX DEX reported that it suffered a cyber attack that made it lose $2.7 million in cryptocurrencies after the private key of one of its administrators was hacked, granting the hackers access. 

At the moment, OKX is yet to issue an official response to CertiK’s comment. This has aroused suspicion about whether users have been affected by the recent flaw and the prospective risks experienced by users who still use outdated versions of the iOS app. 

Investigation Says Hacks Had Decreased, Lists Contributing Factors

The issue found in the OKX wallet by CertiK didn’t result in a stolen user’s funds because it was promptly fixed. Events like this are rare compared to the rising breaches by hackers targeting cryptocurrency wallet companies in recent months.

Atomic wallet users had lost over $35 million in cryptocurrency, ranging from BTC to ETH. This happened after they updated to the latest iOS app version. Meanwhile Tay Monahan from MetaMask has criticized CertiK disclosure, saying that it is dangerous disclosing issues like this on the same day the fixed was released. 

An investigation by TRM Labs shows that the cryptocurrency industry decreased in volume after the hack in 2023, hence experiencing a decline of more than 50% compared to last year. The investigation pointed out that the decrease in the volume of hacks results from augmented security measures, the growing industry alliance among exchanges, and actions by law enforcement agencies.

Maria Bartiromo

Maria Bartiromo

Maria Bartiromo is a renowned news writer and journalist, celebrated for her insightful reporting and authoritative voice. With a career spanning years, she has established herself as a trusted source of accurate and comprehensive news analysis, keeping readers informed on vital global developments.

Leave a Reply

Your email address will not be published. Required fields are marked *