KiloEx Loses $7.5 Million in Hack: Oracle Vulnerability Triggers DeFi Security Crisis, Platform Offers 10% Bounty for Settlement

KEY TAKEAWAYS

  • Hack Details: Oracle Vulnerability Becomes Entry Point
  • Market Reaction: KILO Token Plummets, TVL Drops Sharply
  • KiloEx is willing to offer the hacker a 10% white hat bounty if the hacker returns 90% of the stolen funds within 72 hours

CONTENT

In the early hours of April 15, 2025, decentralized perpetual contract trading platform KiloEx suddenly announced that its treasury system had been hacked, resulting in losses of up to $7.5 million. Following the incident, KiloEx immediately suspended platform functions and collaborated with security agencies to track fund flows. 

 

However, with the stolen amount approaching the platform’s circulating market value ($7.36 million), users strongly questioned KiloEx’s solvency. The incident quickly escalated, becoming another major security warning in the crypto industry.

 

HACK DETAILS: ORACLE VULNERABILITY BECOMES ENTRY POINT

 

According to analysis by blockchain security firm PeckShield, the attacker exploited a vulnerability in KiloEx’s price oracle for arbitrage. The specific attack path was as follows:

 

  • Manipulated Initial Price: The attacker set the ETH/USD price at an abnormal value of $100 (far below market price) when opening positions.
  • Inflated Closing Price: The attacker then immediately closed the positions at an inflated price of $10,000, earning about $3.12 million in a single transaction.
  • Repeated Attacks: The attacker didn’t stop there but continued to exploit the same vulnerability across multiple chains (Base, opBNB, BNB Chain), ultimately profiting around $7.5 million.

 

Security company Cyvers Alerts detected that the attacker had transferred part of the funds to a specific address (0x00FAC…) via the Across cross-chain bridge and called on stablecoin issuers (such as Tether) to freeze the related USDT assets.

 

KILOEX CRISIS RESPONSE: SERVICE SUSPENSION, BOUNTY OFFER

 

Facing the sudden attack, KiloEx quickly took the following measures:

 

  • Emergency Platform Suspension: All trading functions were frozen to prevent further losses.
  • Collaboration with Security Agencies: Partnered with on-chain analysis companies and exchanges to track fund flows.
  • “White Hat Settlement” Proposal to Hacker: On the evening of April 15, KiloEx publicly addressed the attacker, promising that if 90% of funds were returned within 72 hours, they could keep 10% as a bounty and avoid legal consequences; otherwise, they would work with law enforcement to freeze assets.

 

However, this proposal sparked community controversy. Some users argued that paying a 10% ransom might encourage hacker behavior; others questioned whether KiloEx has the ability to fully compensate users for losses.

 

MARKET REACTION: KILO TOKEN PLUMMETS, TVL DROPS SHARPLY

 

The attack had serious impacts on the KiloEx ecosystem:

 

KILO price plummeted by 30%, triggering panic selling among investors and severely damaging market confidence. Before the announcement, KILO had already fallen from $0.05 to $0.035, with market panic spreading.

 

According to DeFiLlama data, the platform’s Total Value Locked (TVL) plunged from tens of millions of dollars at its peak to $31 million, with a clearly intensifying trend of capital outflow.

 

Despite KiloEx’s recent strategic partnership with DWF Labs and Binance Wallet support, this security incident has seriously undermined community and investor trust.

 

INDUSTRY WARNING: WHEN WILL DEFI SECURITY VULNERABILITIES END?

 

KiloEx is not the first DeFi project to suffer an attack due to oracle vulnerabilities. In recent years, similar incidents have frequently occurred, exposing two major hidden dangers in decentralized finance:

 

  • Oracle Risks: Price data sources that are single or lack verification mechanisms are easily manipulated.
  • Delayed Emergency Response: Most projects take remedial measures only after attacks occur, rather than reinforcing systems in advance.
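
The verification step that the "Oracle Risks" point calls for, applied to the $100 open and $10,000 close prices from the attack path above, as an added example (a Python model, not KiloEx's code): a submitted price is accepted only if it lies within a deviation band of the median of several fresh, independent quotes. The 2% band, 60-second freshness window, three-feed quorum, the sample quotes and all function names are assumptions.

```python
from statistics import median

MAX_DEVIATION = 0.02   # assumed policy: reject prices more than 2% off reference
MAX_AGE_SECONDS = 60   # assumed policy: ignore quotes older than this
MIN_SOURCES = 3        # assumed policy: quorum of independent feeds


class PriceRejected(Exception):
    """Raised when a price fails validation."""


def reference_price(quotes, now):
    """Median of fresh (price, timestamp) quotes from independent feeds."""
    fresh = [p for p, ts in quotes if 0 <= now - ts <= MAX_AGE_SECONDS]
    if len(fresh) < MIN_SOURCES:
        raise PriceRejected("not enough fresh independent quotes")
    return median(fresh)


def validate_price(submitted, quotes, now):
    """Return submitted only if it is within MAX_DEVIATION of the reference."""
    if submitted <= 0:
        raise PriceRejected("non-positive price")
    ref = reference_price(quotes, now)
    deviation = abs(submitted - ref) / ref
    if deviation > MAX_DEVIATION:
        raise PriceRejected(f"{submitted} is {deviation:.0%} away from {ref}")
    return submitted


def long_pnl(size_usd, entry_price, exit_price):
    """USD profit of a long position with notional size_usd at entry."""
    return size_usd * (exit_price - entry_price) / entry_price


def settle_long(size_usd, entry_price, exit_price, quotes, now, guarded=True):
    """Settle a long; the guarded path validates both prices first.
    Simplification: open and close are checked against the same quotes."""
    if guarded:
        validate_price(entry_price, quotes, now)
        validate_price(exit_price, quotes, now)
    return long_pnl(size_usd, entry_price, exit_price)


# Constructed sample data: three feeds quoting ETH/USD near 1,600 at t=1000.
QUOTES = [(1601.0, 990), (1599.5, 995), (1600.2, 998)]
```

With the constructed quotes, the unguarded path credits 99,000 USD on a 1,000 USD position for the article's two prices, while the guarded path raises `PriceRejected` before any settlement.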

 

This incident serves as a stark reminder that DeFi security requires both continuous smart contract monitoring beyond initial audits and improved insurance mechanisms to effectively protect user funds during vulnerabilities. 

 

As the ecosystem matures, protocols must adopt comprehensive protection strategies including specialized insurance partnerships and dedicated compensation funds to safeguard against emerging attack vectors.

 

CAN KILOEX WEATHER THE CRISIS?

 

Currently, KiloEx faces two key challenges. On fund recovery, if the hacker refuses the settlement offer, KiloEx would be forced to rely on law enforcement agencies to freeze assets, a process complicated by the inherent difficulties of tracking cross-chain transactions in decentralized networks.

 

Regarding user compensation, should KiloEx fail to fully recover the stolen funds, the platform may have no choice but to tap into reserve funds or issue additional tokens to compensate affected users, potentially further diluting KILO’s market value and exacerbating investor concerns.

 

As of publication, the hacker has not publicly responded to KiloEx’s bounty proposal. Media outlets such as BlockBeats and PANews will continue to track developments.

 

The KiloEx attack is not just a crisis for one platform but a security alarm for the entire DeFi ecosystem. In the crypto world where innovation and risk coexist, how to balance development speed with system robustness remains an urgent proposition for the industry.

 

 
