By: Eva Baxter
Cryptocurrency exchange OKX and blockchain security firm CertiK have announced a significant vulnerability in the OKX’s iOS wallet, urging users to quickly update their apps. Responding to a recently disclosed Remote Code Execution (RCE) vulnerability, OKX confirmed that an update has been released to resolve the issue, ensuring that customer funds remain unaffected.
This vulnerability, distinctive from an earlier attack on OKX’s DEX aggregator, which led to a loss of $2.7 million around mid-December, was disclosed on December 19 sparking controversy due to immediate call for update. While some criticize the risk of disclosing an issue on the day of the update release, others cite that delays in release of updates can put user data and crypto assets at risk.
Despite the disagreement in the release date of the patch between CertiK and OKX, the vulnerability was disclosed not more than eight days after the fix's release, potentially endangering users who do not update immediately.
© BlockBriefly. All Rights Reserved.