A user known as “来日方长” (The Future is Long) has reported a significant security breach involving their OKX account, resulting in a loss exceeding $2 million. According to WuBlockchain, the user detailed that scammers had obtained all of his personal information through Telegram. Utilizing this data, the attackers accessed his email account and initiated a password reset. They then employed an AI-generated video to change his phone number, email address, and Google Authenticator settings. This sophisticated method allowed the scammers to drain the account within 24 hours.
The incident emphasizes the growing threat of AI-driven cybercrime in the crypto sector. Deepfake technology, which can mimic a person’s voice, face, and gestures, has been increasingly used in cyber attacks. As reported by Government Technology, these AI-generated deepfakes can deliver disinformation and fraudulent messages at an unprecedented scale and sophistication, making them harder to detect and stop. This new generation of cyber attacks is undermining trust in digital interactions, posing significant challenges for both individuals and organizations.
The breach involving 来日方长 is part of a broader trend of AI-related fraud. Earlier this year, Fortune highlighted the emergence of OnlyFake, a site capable of producing highly realistic fake IDs that can fool know-your-customer processes at crypto exchanges like OKX. These developments indicate that cybercriminals are increasingly leveraging AI to bypass traditional security measures.
In response to these threats, experts emphasize the importance of enhanced security awareness and training. As noted by Government Technology, effective security awareness training can change security culture, making individuals more vigilant and better equipped to detect sophisticated phishing attacks. Moreover, organizations are encouraged to adopt new technology tools that use AI to detect and prevent message fraud, thereby fighting fire with fire.
As of now, neither OKX nor the cybersecurity firm SlowMist has issued a response regarding the incident involving 来日方长. CryptoSlate has reached out to OKX for comment but has not received a response as of press time. WuBlockchain has urged exchanges to heighten their security measures and for users to be more vigilant about the protection of their personal information to mitigate the risk of such advanced attacks. The incident serves as a stark reminder of the evolving nature of AI cyber threats and the need for continuous adaptation in security practices.