According to Colin Wu, an Asia-focused journalist, a blockchain security firm called SlowMist revealed that the security breach on OKX was carried out using SIM hijacking. This type of fraud involves attackers manipulating a carrier to transfer the cell phone number of a victim to themselves. By doing this, they are able to intercept the victim’s calls or text messages, which are often required for two-factor authentication on online accounts.
