- Crypto exchange OKX has upgraded its DEX aggregator to detect malicious users
- OKX said the new security system works by detecting usage by hack-linked addresses
- OKX DEX has been accused of allowing Bybit hackers to move funds through the exchange
Crypto exchange OKX has halted its DEX aggregator to upgrade its security to enable it to detect usage by users linked to malicious activities. The exchange described the move as “taking a stand against financial crime” noting that it’s also meant to address concerns around its web3 platform. Some of the concerns include accusations that its DEX aggregator allowed Bybit hackers to launder funds through the platform, forcing OKX to rethink the aggregator’s security and usage.
OKX Needs Time To Address “Competitive Attacks”
In an announcement, the exchange also said that suspending the aggregator will give it time to address increasing “competitive attacks.” OKX disclosed that it’s working with blockchain explorers to fix “incomplete” blockchain tagging.
We are temporarily pausing our DEX aggregator to address incomplete tagging on blockchain explorers while we also roll out new security features. This is to address the recent coordinated attacks by media along with unsuccessful efforts by Lazarus group to misuse our DeFi… pic.twitter.com/r6oHNIaalT
— OKX (@okx) March 17, 2025
According to OKX, blockchain explorers have “mistakenly” identified the aggregator as the point of trade instead of the actual DEX handling the trades since the aggregator is only an interface connecting users to multiple DEXs.
OKX revealed that it has already launched a system to detect hacker addresses and block them from accessing the “CEX system in real-time.” It also said it’s working with financial regulators to address their concerns.
Bybit CEO Ben Zhou recently said the OKX platform was used to launder roughly $100 million from the Bybit hack. Another report claimed that the European Union was investigating whether OKX products are compliant with MiCA regulations.
3.4.25 Executive Summary on Hacked Funds:
Total hacked funds of USD 1.4bn around 500k ETH, 77% are still traceable, 20% has gone dark, 3% have been frozen.
Breakdown:
– 83% (417,348 ETH, ~$1B) have been converted into BTC with 6,954 wallets (Average 1.71 btc each) . This and…— Ben Zhou (@benbybit) March 4, 2025
OKX Helped Bybit?
OKX CMO Haider Rafique denied Zhou’s claims as “misinformation,” adding that the exchange did its best “to help Bybit.” Rafique said it’s “preposterous” to think the exchange would help launder illicit funds.
We typically don’t respond to false claims and misinformation.
Despite our best efforts to help Bybit actively by directing resources towards them, they appear to be citing misinformation on X and with journalists.
We spoke to Bloomberg today and provided our statement… https://t.co/VJyK9WhKSP
— Haider (@Haider) March 11, 2025
OKX urged the crypto community to consider the allegations as “deliberate attempts to mischaracterize” the exchange’s role in the ecosystem. The upgrade comes roughly three weeks after the exchange admitted to operating an illegal money-transmitting business and agreeing to pay over $500 million in fines.
With OKX working with blockchain explorers and regulators to improve its DEX aggregator, it’s to be seen whether it’ll prevent hackers from using the platform.
