BlockBeats News, March 15th, OKX founder and CEO Star responded to the “Hacker Attack Incident by Wuhan Anjun Technology Team Exploiting Plugin Vulnerabilities,” stating, “The OKX Wallet security team has completed an investigation and found that describing it as an ‘OKX Wallet Vulnerability’ is inaccurate. Two points need to be clarified:
· This incident is not a security vulnerability of the OKX Web3 Wallet. The attack method involved hackers controlling users’ devices through trojan horse software, tampering with webpage JS code to implant hooks, or monitoring keyboard input to steal locally stored encryption files and passwords.
· The OKX Web3 Wallet is a 100% self-hosted wallet. The private key and password only exist on the user’s own device, and OKX cannot access or control user assets. However, if a user’s device is already controlled by hackers, then no wallet—including MetaMask—can guarantee security. It’s like a thief already being able to operate your computer and see all your keyboard inputs.
Users are advised to avoid installing software or plugins from unknown sources, regularly check device security, and securely protect their mnemonic phrase and private key.”
It is reported that the Wuhan Anjun Technology team controlled a large number of user terminals through plugin poisoning technology, stole mnemonic phrases, remotely transferred digital assets, and the amount involved reached $7 million.
