Crypto exchange OKX has temporarily shut down its decentralized exchange (DEX) aggregator to prevent further misuse by the notorious hacking group known as Lazarus. The exchange made this decision after detecting suspicious activities linked to the group and consulting with regulators.
OKX announced on March 17 that it had observed a “coordinated effort” by Lazarus to take advantage of its decentralized finance (DeFi) services. The business proactively halted its DEX aggregator service in order to make the required improvements in order to counter this danger. The action is intended to improve security and stop fraudsters from abusing its platform.
An OKX helpdesk representative confirmed that the suspension is temporary and is part of an internal review and system upgrade. However, the company did not provide an exact date for when the service will resume. While the DEX aggregator is down, OKX’s crypto wallet services remain available. However, new wallet creation has been paused in select markets during this period.
Allegations of Fund Laundering Through OKX Web3
OKX’s suspension of its DEX aggregator comes shortly after European regulators began investigating its role in alleged money laundering. On March 11, Bloomberg reported that OKX Web3 and its wallet services were under scrutiny for allegedly helping to launder stolen funds from the Bybit hack. This hack resulted in a loss of approximately $1.5 billion, with nearly $100 million allegedly flowing through OKX’s Web3 proxy.
In response to these claims, OKX strongly denied any wrongdoing. The exchange stated that when Bybit was hacked, it took two immediate steps: freezing any associated funds on its centralized exchange (CEX) and developing advanced hack detection features. OKX has dismissed the Bloomberg report as “misleading” and claimed that certain parties were deliberately misrepresenting its platform.
Over the past few days, the exchange has faced intense scrutiny from media outlets questioning its integrity. OKX has pushed back against these allegations, arguing that they have surfaced at a time when the company is actively working to combat financial crimes. The exchange emphasized that its DEX aggregator is not a custodian of customer assets and merely functions as a tool for accessing liquidity across multiple trading platforms.
OKX Strengthens Security to Combat Hacking Threats
OKX has been rolling out additional security measures to prevent further misuse of its Web3 services. One of the key steps includes deploying a “hacker address detection system.” This system allows OKX to track suspicious wallet addresses in real-time and block them from transacting on its centralized exchange. The company has also improved its ability to detect and flag hacker addresses on its DEX aggregator.
CEO Star Xu stated on March 17 that OKX has already implemented numerous security controls to fight against hacking attempts. Some of these measures include blocking IP addresses from restricted markets and enhancing the real-time detection of suspicious transactions. These efforts are part of OKX’s broader strategy to ensure that its platform remains secure and transparent.
OKX also highlighted a key issue regarding its DEX aggregator. It explained that some blockchain explorers have incorrectly identified its aggregator as the primary trading platform in certain transactions. The exchange is working on a solution to ensure that explorers accurately display which DEX is processing the trade rather than mistakenly attributing it to OKX’s aggregator.
For now, OKX’s priority is to enhance its security framework and prevent malicious actors from exploiting its platform. While the DEX aggregator remains offline, customers can continue to access other OKX services, with the company committed to resuming normal operations once necessary upgrades are complete.
