- KiloEx will fully compensate traders affected by a $7.5 million exploit in April.
- Stakers’ principal and earnings remain safe, with an additional 10% APY bonus for eligible users.
- The hacker exploited a price oracle vulnerability but later returned the funds in exchange for a 10% white hat bounty.
KiloEx, a decentralized exchange (DEX), announced on April 24 that it will provide full compensation to traders affected by a $7.5 million exploit earlier this month. According to the announcement, traders who had open positions during the platform’s suspension will receive payment for any increased losses or decreased profits they experienced.
The exchange advised users to close their positions immediately once operations resume, as any delay could affect the profit and loss calculations that determine compensation amounts. "Please close your position as soon as possible after the platform resumes. Compensation will be calculated based on the platform’s resume time," KiloEx stated in its official communication.
For users with funds in the platform’s Hybrid Vault, KiloEx confirmed that all stolen funds were fully reinjected into the vault, meaning stakers’ principal amounts and earnings remain unaffected. As a goodwill gesture, the exchange will provide an additional 10% annual percentage yield (APY) bonus to eligible stakers who had funds in the vault before operations resume.
Hacker Returns Funds After Bounty Offer
On April 15, KiloEx offered the hacker a 10% bounty ($750,000) if they returned 90% of the stolen funds. The exchange had threatened legal action and identification of the hacker if they didn’t comply. Shortly afterward, security platforms detected transactions showing the stolen funds were being returned.
By April 18, KiloEx confirmed it would withdraw all legal action against the hacker and reward them with the promised 10% white hat bounty. This resolution allowed the platform to begin preparations for resuming normal operations.
Technical Details of the Security Breach
The exploit that led to the $7.5 million loss occurred on April 14, causing KiloEx to suspend its platform while containing the security breach. Security firm PeckShield identified that the attacker likely exploited a vulnerability in the price oracle system, allowing them to artificially manipulate prices for profit.
In its post-mortem report, KiloEx explained that the attacker exploited a permissionless function to craft requests that should have been restricted to authorized entities only. Using this method, they opened positions at artificially low prices and closed them at higher values, generating illegitimate profits.
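The flaw class described above can be shown with a small model. This is an added example, not code from KiloEx or its post-mortem; the class names, the "keeper" role and all prices are constructed for illustration. It runs the same sequence against a price setter with and without a caller check.

```python
# Simplified, constructed model of a price setter that lacks a caller check.
# Not KiloEx's contracts: names, roles and prices are assumptions.
class Unauthorized(Exception):
    pass

class PriceFeed:
    """Price feed whose setter is meant for authorized keepers only."""
    def __init__(self, keepers, price, enforce_auth):
        self.keepers = set(keepers)
        self.price = price
        self.enforce_auth = enforce_auth  # False models the permissionless function

    def set_price(self, caller, new_price):
        # Hardened form: reject any caller outside the keeper allowlist.
        if self.enforce_auth and caller not in self.keepers:
            raise Unauthorized(f"{caller} may not update prices")
        self.price = new_price

class Exchange:
    """Minimal long-only exchange that settles against the feed price."""
    def __init__(self, feed):
        self.feed = feed
        self.positions = {}

    def open_long(self, trader, size):
        self.positions[trader] = (size, self.feed.price)

    def close(self, trader):
        size, entry = self.positions.pop(trader)
        return size * (self.feed.price - entry)

def simulate(enforce_auth):
    """Return (pnl, blocked) when an untrusted caller tries to set prices around its own trade."""
    feed = PriceFeed(keepers={"keeper"}, price=100.0, enforce_auth=enforce_auth)
    dex = Exchange(feed)
    try:
        feed.set_price("untrusted", 1.0)    # artificially low entry price
        dex.open_long("untrusted", 10)
        feed.set_price("untrusted", 100.0)  # restore the price before closing
        return dex.close("untrusted"), False
    except Unauthorized:
        return 0.0, True  # rejected before any position is opened

if __name__ == "__main__":
    print("no caller check:", simulate(False))
    print("allowlist check:", simulate(True))
```

Without the check the untrusted caller books a profit from a price it set itself; with the allowlist the first update is rejected, while the authorized keeper can still update prices.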
The incident highlights ongoing security challenges faced by decentralized finance platforms, even as KiloEx works to make affected users whole through its comprehensive compensation plan.