Author: Dilation Effect

Link:

https://x.com/dilationeffect/status/1800116534133792841

Given the recent security incidents involving OKX users, we were curious about the causes of these attacks. As ordinary users, we decided to spend half an hour conducting a quick analysis of OKX’s user security settings, and the results were quite surprising.

Note: The analysis was conducted on June 10, 2024, at 5 PM Singapore Time.

1. Despite users binding Google Authenticator (GA), verification allows switching to lower security methods, bypassing GA verification.

Users bind GA considering its higher security level. However, OKX allows switching to lower security verification methods, such as SMS, during sensitive user operations like adding a whitelist address, withdrawals, and various verification changes, effectively bypassing GA verification.

2. Sensitive user operations, such as disabling phone verification, disabling GA verification, and changing the login password, do not trigger a 24-hour withdrawal ban.

The withdrawal ban only triggers when logging in on a new device, representing a compromise in the risk control measures for password changes.

3. Whitelist address withdrawals do not employ dynamic verification based on withdrawal amounts.

Once an address is added to the whitelist, withdrawals up to the limit can proceed without additional verification. Unlike other exchanges that set a limit requiring re-verification for larger amounts.

This quick analysis reveals that OKX’s security settings lack baseline design. Possibly to enhance user experience, OKX has made significant compromises in security. Whether this design is good or bad, users will make their own judgments and choices.

Dilation Effect would like to remind users to bind GA to their accounts. Otherwise, they may end up working for hackers, as email and SMS are easily susceptible to attacks.

Follow us
Twitter: https://twitter.com/WuBlockchain
Telegram: https://t.me/wublockchainenglish