OKX has officially restarted its decentralized exchange (DEX) aggregator with a set of advanced security upgrades. The relaunch follows a temporary shutdown in March, after the service was reportedly misused by North Korea-linked hackers from the Lazarus Group.
OKX founder and CEO Star Xu announced on May 4 that the OKX Web3 platform now features a real-time abuse detection and blocking system. He described the tool as a “browser and search engine for blockchain,” with added layers of defense to counteract fraud and malicious onchain behavior.
New Security Features Aim to Combat Hackers
The upgraded DEX aggregator now includes:
- A dynamic database that flags and blocks known hacker wallet addresses in real time.
- Proactive alerts that warn users about potentially risky transactions.
- Wallet classification tools to identify high-value users, such as whales and sniper bots.
OKX also noted that its infrastructure has been tested through a bug bounty program and verified by blockchain security firms including CertiK, Hacken, and SlowMist.
Temporary Shutdown Followed Exploits by Lazarus Group
Back on March 17, OKX paused the aggregator to stop ongoing misuse by the Lazarus Group. The exchange said it was building a hacker address tracking system to block future activity by known bad actors.
This came days after a Bloomberg report revealed that European Union regulators were investigating whether OKX’s DEX and wallet services had been used to launder part of the $1.4 billion stolen in the Bybit hack in February.
In response, OKX clarified that its swap feature is a non-custodial aggregator, not a wallet service provider, and thus does not hold customer funds.
The ripple effect of the Bybit hack has touched other crypto platforms as well. On May 1, crypto exchange eXch shut down after it was linked to laundering activities tied to the Lazarus Group. Though it initially denied involvement, the exchange later admitted it had processed some of the stolen funds.
