OKX Suspends DEX Aggregator Service After Detecting North Korean Lazarus Attack

OKX has temporarily suspended its Decentralized Exchange (DEX) aggregator service after discovering an attempted attack by North Korea’s Lazarus Group. The exchange made the announcement on March 17, citing security concerns and the need to address incomplete tagging on blockchain explorers. The suspension will allow OKX to roll out new security measures to prevent future misuse.

In a blog post, OKX explained that the Lazarus Group attempted to exploit its DeFi services. Additionally, the exchange observed an increase in competitive attacks aimed at undermining its operations. To mitigate risks, OKX consulted regulators and decided to temporarily halt the DEX aggregator. While the aggregator is paused, OKX’s wallet services remain operational, although new wallet creation has been restricted in certain markets.

To enhance security, OKX has already implemented real-time tracking systems to identify malicious addresses on its centralized exchange and Web3 DEX aggregator. Furthermore, the platform is working with blockchain explorers to address issues with incomplete labeling of DEX transactions. OKX emphasized that its DEX aggregator is not a custodian of user assets, and it is strengthening security measures to block hacker addresses in real-time.

The Lazarus Group, a North Korean hacking group, has been linked to several cyberattacks targeting cryptocurrency platforms. Notably, the group was involved in a $1.5 billion hack of Bybit in February 2024. Lazarus has also targeted developers, using malware to steal credentials and wallet data. The group has even used fake Zoom calls to trick crypto founders into downloading malicious software. According to Chainalysis, North Korean hackers stole $1.3 billion worth of cryptocurrency in 47 attacks in 2024, a significant increase compared to the previous year.

OKX’s move to suspend the DEX aggregator is part of the broader effort to protect users and the platform from cyber threats and attacks.