OKX Detects Lazarus Group’s Attempts to Exploit DeFi Services
Cryptocurrency exchange OKX has announced a temporary suspension of its decentralized exchange (DEX) aggregator due to coordinated efforts by the North Korean hacker group Lazarus to exploit DeFi tools for illicit activities.
The OKX support team explained that disabling the DEX aggregator is necessary for internal security checks and system updates. There is currently no information on when the platform will resume operations.
It is important to note that OKX wallets continue to function normally, but the creation of new addresses has been temporarily suspended in certain countries.
EU Regulators Investigate OKX Web3
Earlier, European Union financial regulators launched an investigation into OKX Web3, a platform providing access to the DEX aggregator and non-custodial wallet.
According to Bloomberg, the platform may have been used for laundering assets stolen from the Bybit exchange. As part of the investigation, regulators are examining OKX Web3’s operations and potential schemes for moving illicit funds through decentralized services.
This scrutiny of the DeFi sector by international regulators highlights the growing efforts by governments and financial institutions to combat the illegal use of cryptocurrencies.
Scammers Target Coinbase and Gemini Users with New Phishing Scheme
Reports have surfaced on social media platform X regarding a new phishing attack aimed at users of Coinbase and Gemini.
Fraudsters are impersonating official representatives of these exchanges and sending fake notifications instructing users to transfer their assets to new wallets.
How the Scam Works
– The user receives a fraudulent email, supposedly from Coinbase or Gemini.
– The message claims that the exchange is required to move customer assets to self-custody wallets due to legal disputes.
– The victim is instructed to follow specific steps to create a new wallet using Coinbase Wallet.
– However, the email contains a pre-generated seed phrase.
– If the user transfers funds to this wallet, the scammers gain full access and drain all assets.
Coinbase Issues an Official Warning About the Phishing Attack
The Coinbase team has confirmed that they are aware of this new fraudulent campaign.
Key Reminders:
Coinbase, Gemini, and other exchanges never send seed phrases or request fund transfers.
A recovery phrase is meant only for the wallet owner – it should never be shared with third parties.
Never use someone else’s or a pre-generated seed phrase – this is a guaranteed scam.
How to Protect Your Assets from Scammers
– Verify the sender. If you receive an email with suspicious requests, carefully check the sender’s address.
– Avoid clicking on suspicious links. Phishing websites may appear legitimate but often contain hidden threats.
– Always create wallets independently. Use only official applications and never enter seed phrases from external sources.
– Enable two-factor authentication (2FA). This significantly increases security against unauthorized access.
– Use hardware wallets. This is the safest method for storing cryptocurrencies.
The cryptocurrency market continues to face threats from hackers and scammers:
– OKX temporarily disabled its DEX aggregator after detecting attempts by the Lazarus group to exploit DeFi services.
– EU regulators launched an investigation into OKX Web3 over possible laundering of stolen assets.
– Scammers are conducting a new phishing campaign, posing as Coinbase and Gemini employees to steal user funds.
Stay vigilant, verify all incoming communications, and prioritize the security of your assets. The cryptocurrency market is attractive not only to investors but also to fraudsters, making awareness and caution essential for every user.
