Blockchain Security Firm CertiK Warns OKX IOS Users to Update After Flagging Vulnerability

Disclosure: Crypto is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. By using this website, you agree to our terms and conditions. We may utilise affiliate links within our content, and receive commission.Image Source: AdobeBlockchain security firm, CertiK has urged OKX users on IOS devices to update the software to the latest version after it identified a vulnerability with the potential of causing data and asset losses.

In a post on X (formerly Twitter), the firm informed users of the discovery urging them to make the update immediately to avoid being victims of a potential security breach.

🚨 Attention! We urge users of OKX wallets to update their iOS app to the latest version immediately. Earlier this month, we identified and reported a critical Remote Code ution (RCE) vulnerability in the OKX iOS App, leading to potential compromise of sensitive data and…

— CertiK (@CertiK) December 19, 2023

“Earlier this month, we identified and reported a critical Remote Code ution (RCE) vulnerability in the OKX iOS App, leading to potential compromise of sensitive data and crypto assets.”

The post also mentioned that the OKX team acted swiftly on the information and released an updated version today

OKX responds, no assets were lost

The digital asset exchange thanked the security firm for the update adding that the upgrade has been completed and this is no longer an issue

“We’ve completed the relevant upgrade & this is no longer an issue. We have verified that this did not impact any customer assets.”

OKX revealed that user assets were not impacted by the incident and all issues were fixed with a new IOS version 6.45.0 also urging users to update to the current software.

The bright side is the entire community’s participation to detect potential lapses in the which has been long advocated by experts. The nature of virtual assets and platforms can require wider participation and incentivized updates to the team

Over the years, tips from community members have blocked certain glitches and loopholes in decentralized applications (dApps) saving user assets and improving on-chain governance

Bad actors deploy more techniques

A remote code ution vulnerability like the one identified by CertK allows a bad actor to ute malicious codes on a database which consists of a malware ution or a negative component taking full control of the

This potential can result in massive data breaches and loss of assets if an arbitrary code runs on the and leads to a crash. Bad actors have deployed several techniques to steal user assets leading to warnings of periodic checks by security experts

In recent months, the market has recorded multiple hacks and bridge attacks resulting in the loss of user assets worth millions and calls for tighter regulations by authorities

Last week, OKX DEX suffered an attack that drained $2.7 million worth of cryptocurrencies after the private key of an admin was compromised allowing hackers access

🚨SlowMist Security : OKX DEX Proxy Admin Owner's Private Key Suspected to be Leaked🚨

According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist's analysis, it was found that when users exchange, they authorize…

— SlowMist (@SlowMist_Team) December 13, 2023

Onchain analytics firm, Scopescan posted on the incident on X, “The old abandoned MM contract was attacked, and the attack has been located and stopped. The losses of the users involved will be fully borne.” Exploiters transferred funds from addresses that approved assets to the DEX contract.”