Crypto exchange OKX has brought its decentralized exchange (DEX) aggregator back online with new security upgrades after it was paused in March to prevent further misuse by the North Korean hacking crew, the Lazarus Group.

OKX founder and CEO Star Xu said in a May 4 statement to X that the DEX aggregator, OKX Web3, will resume with several new features, including a “real-time abuse detecting and blocking system.”

A DEX aggregator is a service that pulls data from multiple decentralized exchanges and market makers and then presents it to users to assist with trading. Xu says, “OKX Web3 is a browser and search engine for blockchain.”

Source: Star Xu

At the same time, OKX said in a May 4 statement that the latest upgrade includes other new security measures to identify suspicious or fraudulent onchain activity from hackers and other bad actors.

“Our dynamic database of suspect addresses blocks hackers and bad actors real-time, while proactive alerts warn you about risky transactions,” the exchange said.

“We’re audited and verified by leading blockchain security firms like CertiK, Hacken and SlowMist, and infrastructure tested through our bug bounty program.”

Another feature added to the onchain analysis tool categorizes wallet holders by identifying them as possible whales or snipers.

OKX paused DEX aggregator after hackers misused DeFi services 

OKX said on March 17 that it temporarily paused its DEX aggregator to prevent “further misuse” by North Korean hacking collective Lazarus Group, promising upgrades to stave off a repeat of the incident.

The exchange also said at the time it was developing a hacker address system that would track bad actors’ latest addresses and block them. 

Bloomberg alleged in a March 11 report that European Union financial watchdogs were investigating the firm’s DEX aggregator and its wallet services for an alleged role in laundering funds from the $1.4 billion Bybit hack in February.

Related: OKX reenters US market following $505M DOJ settlement

OKX responded the same day, arguing that Bloomberg was mistaken because the self-custody wallet service swap feature serves as an aggregator and is not a custodian of customer assets. 

Other crypto services have also been caught up in the Lazarus Group’s hack. Crypto exchange eXch announced it ceased operations on May 1 after reports alleged the firm was used to launder funds from the hack. 

The exchange initially denied reports from crypto sleuths suggesting that it had laundered digital assets for the Lazarus Group. However, it later admitted to processing some funds from the February hack.

Magazine: Your AI’ digital twin’ can take meetings and comfort your loved ones