| Key Points: – DEX KiloEx Hack resulted in a $7.5 million exploit due to a price oracle flaw. – KiloEx has halted operations and is working with security firms to trace funds. – The attacker manipulated ETH/USD pricing, earning over $3M in a single trade. – KILO token plunged over 30%, losing nearly 78% from its ATH in March. |
DEX KiloEx Hack triggered a $7.5M exploit via a price oracle flaw, prompting the exchange to freeze activity and trace stolen funds with cybersecurity firms.
The exploit highlights persistent vulnerabilities in DeFi platforms’ oracle architecture. With multi-chain transactions and cross-chain bridges involved, the attack underscores systemic risks that can ripple across the ecosystem.
DEX KiloEx Hack traced to price oracle vulnerability
The DEX KiloEx Hack was first flagged on April 15 by Web3 security firm Cyvers, which detected suspicious transactions across multiple chains.
The attacker exploited an access control flaw in the Oracle system, using a Tornado Cash-funded address to manipulate ETH/USD pricing. By opening a position at $100 per ETH and closing it at $10,000, the hacker walked away with $3.12 million in one trade alone.
PeckShield estimated the total damage at $7.5 million: $3.3M from Base, $3.1M from opBNB, and $1M from BNB Chain.
Fuzzland co-founder Chaofan Shou confirmed that the exploit stemmed from a missing verification step that failed to identify the original transaction sender, creating a critical security lapse.
KiloEx suspends activity and works to recover stolen assets
KiloEx swiftly acknowledged the DEX KiloEx Hack and disabled its platform while launching an investigation. The attacker’s wallet—0x00faC9…—was blacklisted, and KiloEx began collaborating with security groups including SlowMist, Sherlock, and Seal-911 to trace the flow of funds. They’ve also reached out to zkBridge and Meson, two cross-chain bridges the attacker is allegedly using to obscure stolen assets.
As of now, two wallets associated with the exploit hold over $8.2 million, including $3.8M in USDT and $2.1M in WBTC. KiloEx plans to roll out a bounty program and publish a detailed post-mortem report to maintain transparency with the community.
Market fallout: KILO crashes as confidence sinks
The DEX KiloEx Hack had immediate market consequences. The KILO token plummeted by over 31% in 24 hours, falling to $0.036. This marks a 76% decline from its all-time high of $0.153 reached just weeks earlier on March 27.
The timing couldn’t have been worse: just one day prior, KiloEx announced a strategic partnership with DWF Labs aimed at expanding its market presence.
Established in 2023 with backing from Binance Labs, KiloEx now faces a reputational crisis. With user trust shaken and assets compromised, the project’s next steps in security, communication, and fund recovery will be critical for its survival.
| DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing. |
Other Posts
Latest
Crypto Markets Remain Unaffected Amid U.S. Tariff Policy Discussions
Binance Emphasizes Listing and Delisting Criteria in Latest Update
Press Release
EigenLayer Integrates its Restaking Tech into Kite AI’s Marketplace
Richard Heart Triumphs in Court After SEC Case Dismissed in Full
