Crypto Gloom

CertiK urges immediate iOS update for OKX users amid major security risks.

Blockchain security company CertiK has issued an urgent advisory to OKX wallet users on iPhone after a major security vulnerability was discovered in the OKX iOS application.

In a December 19 post on X, CertiK advised OKX wallet users on iPhone to urgently upgrade their app to the latest version. A security flaw identified in the OKX iOS application puts sensitive user data and cryptocurrency assets at risk of being compromised.

Earlier this month, CertiK identified and reported a serious remote code execution (RCE) vulnerability in the OKX iOS app, which “has the potential to compromise sensitive data and cryptocurrency assets,” the blockchain security company added.

In response, OKX released iOS application update version 6.45.0 on December 19, which addresses this vulnerability. CertiK later confirmed that the security issue had been resolved and stated that no customer assets were affected by the vulnerability.

Rapid disclosure sparks debate

However, the incident has raised concerns about how such vulnerabilities are disclosed. Tay Monahan, leader of MetaMask, criticized the timing of the disclosure, suggesting that many users could be at risk if the issue were made public on the same day a fix was released.

Monahan highlighted how long it typically takes for the user base to update to the latest version of an app – anywhere from a few weeks to a few months.

Additionally, there were some discrepancies in the version numbers of the updates containing the fixes, adding to the confusion. CertiK mentioned the updated version as 6.46.0, while OKX mentioned version 6.45.0, which was actually released on December 11. The exact version containing the necessary security fixes is still unclear.

This incident highlights the vulnerability of cryptocurrency wallets and exchanges to cyber attacks. Such incidents have skyrocketed in recent months, including the $114 million theft from Poloniex in November, the $100 million heist involving the HTX and Heco cross-chain bridges, and the $35 million loss of Atomic wallet users in June following an iOS app update.

The continued targeting of these platforms by hackers underscores the critical need for strong security measures in the cryptocurrency industry.