The cryptocurrency exchange OKX has temporarily disabled one of its widely used tools following the discovery of attempts by North Korean hackers to exploit it for laundering stolen funds.
The company reported uncovering a coordinated attack orchestrated by the Lazarus Group, which sought to leverage OKX’s DeFi services for illicit financial activities. After consulting with regulatory authorities, OKX decided to temporarily deactivate its DEX aggregator—a measure aimed at integrating additional security mechanisms and preventing further misuse. The exchange’s leadership also emphasized that the hackers’ attempts ultimately proved unsuccessful.
A DEX aggregator functions as a tool that consolidates liquidity from multiple decentralized exchanges, enabling users to secure the most favorable trading conditions while minimizing slippage. However, in the aftermath of the recent Lazarus attack on Bybit, which resulted in nearly $1.5 billion in stolen assets, cybercriminals attempted to launder $100 million through OKX’s DEX aggregator.
According to Bloomberg, the incident has drawn the attention of European Union regulators. However, OKX refuted accusations of inaction, asserting that it had frozen the associated funds upon their arrival at its centralized exchange and accused Bybit of disseminating misleading information.
In response to the identified threats, OKX announced a series of enhanced security measures, necessitating a temporary suspension of the aggregator. Key upgrades will include an address-tracking system to monitor entities linked to hacker activity, along with real-time blocking mechanisms on the centralized platform. Additionally, OKX is actively collaborating with blockchain analytics firms to ensure proper transaction labeling and enhance transparency regarding the origin of funds.
Data from Arkham Intelligence indicates that North Korea has significantly expanded its Bitcoin reserves following the Bybit breach. The nation’s Bitcoin holdings are now estimated at $1.13 billion (13,518 BTC), placing it ahead of Bhutan, which holds 10,635 BTC, and El Salvador, which possesses 6,118 BTC. While Bhutan has been accumulating Bitcoin through large-scale mining operations, El Salvador has systematically acquired the cryptocurrency since 2021, when it was officially recognized as legal tender in the country.
