A sophisticated deepfake scam targeted an OKX user after their personal information was compromised in a Telegram data breach. The victim reported on June 3 that the attack had resulted in the theft of millions worth of crypto assets.
According to local media outlet WuBlockchain, Lai Japanese Fang Chang detailed that the scammers purchased his personal information from a Telegram breach to access his email through the “forgotten password” feature.
Posing as Chang, the scammers used a deepfake video to change his security settings, including his email ID and Google authenticator settings. Within 24 hours, Chang’s OKX account lost over $2 million in crypto assets.
An OKX user disclosed today that hackers purchased his personal information and used AI to create fake videos. Hackers used these to change the victim's OKX passwords and even 2FA. More than $2 million US were stolen. Be wary of Deepfakes and personal data leaks.…
— Wu Blockchain (@WuBlockchain) June 3, 2024
OKX confirmed the incident and promised to help the victim recover the asset by collaborating with law enforcement.
Deepfake AI scams indicate the growing threat of AI in the crypto sector.
Deepfake technology, which can mimic a person’s voice, face, and gestures, has been increasingly used in cyber attacks. According to several reports, these AI-generated deepfakes can deliver disinformation and fraudulent messages, making them difficult to detect and stop.
This recent OKX user’s account breach is part of a broader trend of AI-related fraud.
On February 6, 2024, a report by Fortune highlighted the emergence of OnlyFake, a site capable of producing highly realistic fake IDs that can deceive know-your-customer (KYC) processes at crypto exchanges like OKX. The report
Read more on cryptonews.com