European regulators are investigating OKX's Web3 platform after a $1.5 billion hack on the Bybit exchange, with the belief that stolen funds were laundered through the platform.
European regulators are investigating OKX's Web3 platform after a $1.5 billion hack on the Bybit exchange, with the belief that stolen funds were laundered through the platform. The investigation focuses on whether OKX’s Web3 platform falls under the EU’s new Markets in Cryptoassets (MiCA) regulation, which would determine if the platform should face penalties. Regulators from Austria and Croatia have argued that, because OKX’s Web3 service is integrated with the exchange, it should be subject to MiCA.
The hack involved North Korean hackers who laundered around $100 million worth of Ether through decentralized finance services. On March 6, European regulators held a meeting to determine if OKX’s Web3 platform should fall under MiCA. Some regulators argued that because OKX controls its Web3 platform through OKX Singapore, it should be regulated by MiCA, despite the service being marketed as decentralized and self-custodial.
In response to the allegations, OKX denied any involvement in laundering the stolen funds. The company stated that it has been working with Bybit to track wallet addresses and block those associated with the breach. OKX also clarified that its Web3 service functions as a wallet aggregator and is designed to provide an enhanced user experience, maintaining that it is separate from its centralized exchange and not directly regulated by Singapore's central bank.
OKX operates its European hub in Malta, where it has been granted MiCA pre-authorization, allowing it to offer services across the European Economic Area. However, some regulators have raised concerns about this authorization, suggesting that it may need to be re-evaluated due to the hack. If the Web3 service is considered part of the centralized exchange, it could face more stringent regulatory oversight. This would likely impact other platforms operating similarly.
OKX CEO Star Xu has criticized Bybit’s handling of the breach, stating that Bybit’s own vulnerabilities led to the attack. He emphasized that Bybit’s Web3 wallet and decentralized exchange were based on OKX’s API. Despite this, OKX has insisted that it took immediate action to freeze the funds entering its centralized exchange and blocked the hacker’s addresses from using its decentralized services.
Regulators are also investigating whether the attack violated sanctions on North Korea, given the suspected involvement of North Korean hackers. While no formal actions have been taken yet, regulators are preparing to take enforcement actions if necessary. The outcome of the investigation could have significant consequences for OKX and influence how Web3 platforms are regulated across Europe in the future.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators.
This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice.
The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
