PANews reported on March 15th that, regarding the hacking incident involving the Wuhan Anjun Technology team exploiting a vulnerability in the OKX wallet plugin, OKX CEO Star stated on the X platform that the wallet security team has completed its investigation and that describing it as an "OKX wallet vulnerability" is inaccurate. Two points need clarification:

1. This incident is not a security vulnerability in the OKX Web3 wallet. The attack method involves hackers using Trojan software to control user devices and then stealing locally stored encrypted files and passwords by modifying webpage JavaScript code to inject hooks or by listening to keystrokes.

2. The OKX Web3 wallet is a 100% self-custodied wallet. Private keys and passwords reside only on the user's own device; OKX cannot access or control user assets. However, if the user's device itself has been compromised by a hacker, then no wallet—including MetaMask—can guarantee security. This is like a thief being able to operate your computer and see all your keystrokes.

User device security is always a critical aspect of self-hosted systems. Users are advised to avoid installing software or plugins from unknown sources, regularly check device security, and properly protect their mnemonic phrases and private keys.