2 hours ago
1164
OKX CEO Star Xu is offering a reward of 10 BTC to anyone who can present solid proof of a backdoor in its wallet, in response to a user complaint after 50 ETH was allegedly stolen. Xu invited the international community to examine the platform, emphasizing that security and transparency are non-negotiable.
The notice aims to solicit community input to identify and mitigate security vulnerabilities. Notably, the bounty system can expedite the discovery of security flaws and motivate Bitcoin security specialists to provide crucial evidence.
Crypto theft increases amid growing wallet awareness
任何人只要能够提供确凿证据,证明 OKX Wallet 存在后门,我们的 @wallet 团队将奖励 10 BTC。请OKX Wallet全球几千万用户共同监督。安全透明是底线,欢迎社区审查。 https://t.co/yVtz4Mpa1f
— Star (@star_okx) November 15, 2025
Xu Mingxing did not mention when the bounty offer would expire, suggesting that it will remain open until someone offers concrete evidence of an OKX wallet backdoor. The announcement coincides with an increase in global crypto consumers’ awareness of the security of their digital assets.
According to a blockchain analytics company, Chainalysis, its report indicates that as cryptocurrency has gained greater acceptance, illicit on-chain activity has also become more varied.
For instance, some illicit actors operate primarily off-chain but transfer money on-chain for money laundering. According to Chainalysis measurements, the value received by illegitimate cryptocurrency addresses decreased to $40.9 billion in 2024.
Chainalysis estimates that approximately $2.2 billion in crypto thefts in 2025 already surpasses 2024 totals. According to the report, around 25% of those thefts targeted individuals’ wallets.
The blockchain analytics company claimed that, based on its historical estimates, the number of illicit cryptocurrency addresses is expected to increase starting in 2025.
Malware and phishing continue targeting crypto users
Earlier this year, Cryptopolitan reported that Security experts discovered a malware application that steals Bitcoin in the official driver of Procolored, a printer based in Shenzhen, China. Experts stated that hackers had stolen 9.3 BTC using the software.
The tech website Blue Dot Network claimed that Procolored released the compromised driver on its servers for customers to download after transferring it from a USB flash drive. According to Blue Dot Network, it’s unknown if the corporation intentionally launched this attack or if a third party was involved.
However, Experts believed the malware was probably inserted by a third party that created the driver. The experts noted that the majority of Chinese hardware producers outsource their software development to external firms.
According to the experts, after inserting the backdoor, the third-party developer probably submitted the driver to Procolored using a USB flash drive.
Notably, scammers have generated over $1.7 billion this year alone through these attacks, which range from phishing to malware and exploiting vulnerabilities.
The Bitcoin theft is not the first of its kind. The attack dates back to 2021, when hackers compromised the identities, emails, and even mailing addresses of several Ledger users. Some users are still falling prey to it, though.
In May, ScamSniffer reported that crypto users lost $5.29 million in April through phishing. According to the scam reporting platform, this is a 17% decrease over the loss in March.
However, the number of phishing victims increased substantially in April, with 7,565 addresses impacted by the attacks. The impact represented a 26% increase, demonstrating the scammers’ changing strategies compared to the 5,992 victims reported in March.
According to ScamSniffer, a whale lost $1.43 million in the month as a result of signing multiple phishing signatures.
Another report from Cryptopolitan revealed that a user discovered ChatGPT is not as security-conscious as they had anticipated, particularly with crypto links, when they attempted to develop a direct cryptocurrency app, a token bumper for Pump.fun. The report stated that the API link provided by ChatGPT was contaminated, resulting in an instant loss of approximately $ 2,500.
According to the report, the token bumper demanded the wallet’s private key and stole all of its contents after connecting to the defective API. The event serves as a timely reminder that artificial intelligence capabilities are not entirely trustworthy when it comes to Web3 security.
Get up to $30,050 in trading rewards when you join Bybit today
English (US)