'Sophisticated' KiloEx Hack Shows DeFi's Risks — But This Time the Recovery Was Swift


The company will offer a 10% reward to hackers who help fix the vulnerability.

Posted by Aoyon Ashraf | Edited by Nikhilesh De April 18, 2025 3:36 pm


Key points:

  • KiloEx said on Friday that it had successfully recovered all stolen funds following a sophisticated attack on its platform.
  • The DEX is paying 10% of the recovered funds to the “white hat hackers” who helped in the process.
  • According to the company, the attack exploited a vulnerability in the KiloEx price oracle system, which highlighted ongoing risks in the decentralized finance space.

KiloEx, a decentralized exchange (DEX) for trading perpetual futures, announced on Friday that it has recovered all of its funds that were stolen in a complex attack this week that left users with losses of around $7 million.

The DEX is working to complete the legal procedures to recover the funds and is awarding 10% of the recovered amount as a reward to the hacker who facilitated the process.

“The legal process to formally close the case is currently underway, coordinated by the judiciary, our legal team and third-party experts (special thanks to @SlowMist_Team @blitezero who have significant experience in such situations),” KiloEx said in a social media post on Friday.

KiloEx's KILO token has surged more than 14% in 24 hours on recovery news, while the broader CoinDesk 20 market index was flat on Friday.

The crypto industry has been plagued by numerous hacks and exploits that have resulted in billions of dollars being lost to attackers. Blockchain security company CertiK reported that hackers stole $1.67 billion worth of cryptocurrency in Q1 2025, up 303% from the previous quarter. Much of the Q1 loss was due to the massive $1.45 billion Bybit hack.

The April 15 KiloEx exploit affected multiple blockchain networks and appears to have arisen from a vulnerability in the platform’s price oracle system, according to blockchain analytics firm Cyvers. Oracles are blockchain-based tools that feed external data into the blockchain, where smart contracts use it to make decisions in a financial application.

The attacker used a wallet funded through Tornado Cash and performed a series of transactions across the Base, BNB Chain, and Taiko networks to exploit a vulnerability in the platform's price oracle system, which allowed them to manipulate asset prices.

The KiloEx incident may be one of the few crypto exploits where the outcome was positive for the DEX; most victims were not so lucky. CertiK noted in its report that only 0.38% of stolen funds in Q1 were recovered, compared to 42.09% in the previous quarter.

One of the growing trends highlighted by the KiloEx hack is that the community has come together to recover funds rather than wait for protracted legal battles that result in millions in losses for investors. However, the exploit remains a stark reminder of the serious risks in decentralized finance, where even small vulnerabilities can lead to significant losses, testing the trust in the code.
