Bloomberg recently reported that European regulators are examining crypto exchange OKX, following allegations that its services were exploited by hackers to launder proceeds from a staggering $1.5 billion heist on the trading platform Bybit.
Sources familiar with the matter indicated that the scrutiny stems from concerns about the use of OKX’s Web3 service, a decentralized finance (DeFi) platform and self-custodial wallet designed to enhance efficiency for crypto traders.
Bybit Heist Sparks Regulatory Concerns
The allegations reportedly surfaced during a meeting hosted by the European Securities and Markets Authority (ESMA) on March 6, where national regulators from the European Union’s 27 member states discussed potential implications for OKX under the new Markets in Crypto-assets (MiCA) regulations.
According to the report, hackers linked to North Korean entities laundered approximately $100 million in stolen cryptocurrency through OKX’s Web3 platform, raising critical questions for regulators regarding whether OKX’s decentralized services fall under the purview of MiCA, as well as the potential penalties that could be imposed.
The Bybit hack, described as “the most sophisticated breach” in the crypto industry to date, highlighted significant vulnerabilities within the ecosystem, especially as North Korean hackers increasingly target exchanges.
In response to the attack, OKX emphasized its security measures, stating that it has been assisting Bybit in tracking and blocking malicious wallet addresses.
OKX Denies Illicit Activity Claims
In a public statement, OKX refuted claims of its involvement in any illicit activities, labeling the Bloomberg article as “misleading.” The exchange clarified that, like other major platforms, it provides a self-custody wallet service and a swap feature that aggregates services for user efficiency.
Furthermore, the crypto trading platform noted that it implemented a new feature to detect and block hacker addresses from accessing its decentralized exchange (DEX) or wallet services.
The exchange’s response also pointed to the need for clarity regarding the role of Bybit in the incident, suggesting that the narrative around OKX’s involvement reflects “a misunderstanding” of the security shortcomings on Bybit’s part.
Despite the ongoing scrutiny, OKX highlighted it has secured a MiCA “pre-authorization” through its European hub in Malta, and just weeks later, it received approval to “passport” its services across the European Economic Area.
However, the recent revelations have prompted some EU regulators to advocate for further investigation into the exchange’s compliance with MiCA regulations, particularly in light of the Bybit incident.
As the situation unfolds, regulators from Austria and Croatia have pushed for discussions on whether the incident constitutes a violation of sanctions against North Korea. The potential implications for OKX could be severe, including the withdrawal of its license under Article 64 of the MiCA regulations if deemed non-compliant.
Featured image from DALL-E, chart from TradingView.com
SIGN UP FOR LIGHTCHAIN 2025 - BUY NOW