- OKX faces scrutiny from European regulators, media reports say.
- Bybit hackers used its web3 service to launder $100 million in stolen crypto.
- OKX says it has implemented new measures after consulting regulators.
OKX is not happy.
In the latest twist in the $1.4 billion Bybit hack, OKX, the Seychelles-based crypto exchange, is scrambling to contain the fallout from reports the thieves laundered $100 million on its web3 platform.
Representatives of the exchange criticised “targeted media reports questioning our integrity” in social media posts.
But the exchange did not deny the perpetrators of the record heist — which was North Korea’s Lazarus Group, DL News has reported — used its services to hide the proceeds from the heist.
Indeed, Bybit said on March 4 said the Lazarus Group laundered approximately $100 million through the OKX Web3 platform.
Suspended aggregator
On Monday, OKX said it has temporarily suspended its decentralised exchange aggregator after speaking with regulators in the European Union.
The company also said it has rolled out a hacker address detection system, and a system to track digital thieves’ last addresses and to block them.
“Rather than shy away, we chose to take decisive action,” OKX said in a statement.
Other decentralised protocols, such as ParaSwap, Chainflip, and Thorchain, have also struggled to prevent Lazarus from laundering stolen funds.
OKX did not immediately reply to a request for comment.
OKX, a centralised exchange that does around $2 billion in daily trading volume, is also under scrutiny by regulators in the European Union, Bloomberg News reported last week.
They are trying to determine whether OKX’s web3 platform, which is a decentralised aggregator of crypto market data, falls in their jurisdiction.
On March 6, Austrian and Croatian officials argued that the OKX web3 platform should fall under the bloc’s Markets in Crypto-assets Regulation regime, or MiCA, due to its integration with the company’s main exchange.
Stricter rules
They expressed these views during a meeting of the European Securities and Markets Authority’s Digital Finance Standing Committee.
The development comes as EU lawmakers and regulators are implementing the MiCA framework. The law has introduced stricter rules on who is allowed to operate across the bloc.
While fully decentralised platforms are exempt from some of MiCA’s rules, regulators are debating whether OKX’s web3 services meet that threshold.
Some regulators even suggested that Malta — the island nation where OKX holds its MiCA pre-authorisation — should revoke the company’s licence, according to Bloomberg.
EU regulators also questioned whether the Lazarus Group’s use of the platform represents a violation of sanctions on North Korea, Bloomberg reported.
MiCA has purview over crypto custodians. In its statement released on Monday, OKX said its web3 aggregator was not a custodian of assets.
Censorship resistant
For some market watchers, the case highlights a tough choice for DeFi platforms: to either be compliant with regulations or be truly decentralised.
“You’re either compliant or you’re censorship resistant. Anything in the middle is a dead end,” tweeted Armani Ferrante, CEO of crypto wallet and exchange Backpack.
In any event, the unnamed OKX representatives who authored its statement on the matter bristled at the news of its role in the Bybit episode.
“While we usually stay focused on building and protecting the industry, we can’t ignore the fact that these attacks are happening at a time when we are actively fighting against financial crime,” OKX said in a statement.
Kyle Baird is DL News’ Weekend Editor. Got a tip? Email at kbaird@dlnews.com.