OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. OKX is a leading global cryptocurrency exchange that offers a wide range of trading options, including spot and derivatives trading and decentralized finance (DeFi) services. It remains to be seen if Lazarus will find ways to bypass those measures or if the North Korean hackers will move to other exchanges that don't uphold high-security standards. A Decentralized Exchange (DEX) aggregator is a platform that sources liquidity from multiple DEXs to provide users with the best possible trading prices and reduced slippage. Today OKX confirmed that Lazarus has been consistently attempting to misuse its services, and some downtime will be required to implement adequate defenses to block this activity. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. As of December 2024, OKX held approximately 8.0% of the global spot trading market share among centralized exchanges, with a trading volume of around $230 billion/month, ranking as one of the top exchanges worldwide. Following its record-breaking $1.5B Bybit crypto heist, the Lazarus group reportedly attempted to use OKX's DEX to launder $100 million of the stolen cryptocurrency. "Recently, we detected a coordinated effort by Lazarus group to misuse our defi services," reads the announcement OKX published earlier today. The second key measure is the real-time blocking of these addresses on the centralized exchange (CEX) to cut off Lazarus activity.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 17 Mar 2025 18:25:09 +0000