Crypto exchange OKX has temporarily paused its decentralized exchange (DEX) aggregator to prevent further exploitation by the Lazarus Group, a notorious North Korean hacking collective.
In a March 17 statement, OKX revealed that it had detected a coordinated effort by Lazarus Group to misuse its DeFi services. After consulting with regulators, the exchange made a proactive decision to suspend its DEX aggregator services while implementing upgrades to prevent further misuse.
The OKX helpdesk confirmed that the suspension is part of an internal review and upgrade, though it did not specify when services would resume. While crypto wallet services remain available, OKX noted that new wallet creation would be paused in select markets during the review.
OKX Faces Scrutiny Over Money Laundering Allegations
The decision to suspend the DEX aggregator follows reports of an ongoing European Union financial watchdog investigation into OKX’s Web3 platform and wallet services. On March 11, Bloomberg reported that regulators were scrutinizing OKX’s role in allegedly laundering funds linked to the $1.5 billion Bybit hack.
In response to these allegations, OKX dismissed the Bloomberg report as misleading and reiterated its commitment to combating financial crime. In a blog post, the firm stated:
“Over the past few days, we’ve faced targeted media attacks questioning our integrity and operations. We can’t ignore the fact that these attacks are happening at a time when we are actively fighting against financial crime.”
Bybit CEO Ben Zhou claimed that nearly $100 million from the hack had been laundered through OKX’s Web3 proxy, with a portion of the funds now untraceable.
OKX Implements New Security Measures
Following the Bybit hack, OKX stated that it took two key steps:
- Freezing associated funds from entering its centralized exchange (CEX).
- Developing new hack detection features to track and prevent illicit transactions.
The exchange has since deployed a “hacker address detection system” for its DEX aggregator, alongside real-time tracking of hacker wallets to block them on its CEX.
OKX CEO Star Xu reaffirmed the company’s commitment to tightening security, stating on March 17:
“We already rolled out a lot of controls for OKX Web3 to fight misuse, including prohibited markets’ IP blocking and a real-time black address detection and blocking system.”
OKX Defends Its DEX Aggregator Model
OKX also emphasized that its Web3 DEX aggregator does not custody customer assets but merely facilitates access to liquidity across multiple protocols. However, the company claimed that some parties have deliberately misrepresented its platform’s role.
The exchange is now working on further security upgrades while maintaining that its actions align with global regulatory expectations.
