KiloEx Recovers Stolen Funds from Hackers

The Decentralized Finance (DeFi) space is no stranger to hacks, rug pulls, and exploits.

Key Notes

Decentralized Finance (DeFi) protocols have been a target for hackers throughout the crypto winter. One protocol that was recently struck by an exploit is decentralized exchange (DEX) KiloEx.

The exchange was hacked on April 15, with the hacker managing to steal $7.5 million.

According to reports by crypto news outlet TokenPost, the hacker was able to exploit KiloEx’s pricing oracles to accumulate a large amount of tokens at a highly reduced price.

Like other DEXs, KiloEx relies on pricing oracles to obtain price data for the listed tokens and determine the exchange rates for the trading pairs. However, the hacker discovered a vulnerability that allowed them to manipulate the pricing oracles.

This manipulation enabled the hacker to deceive the exchange’s smart contracts into executing trades at significantly skewed prices, resulting in the transfer of a huge sum of tokens to their own wallet.

KiloEx's Response to the Breach

After the attack, the DEX noted on their X account that they would offer a 10% bounty of $750,000 if the hacker returned 90% of the loot. They also mentioned that they were watching the addresses linked to the attack and intended to “freeze the stolen funds promptly.”

To Hacker:

Our investigation, supported by law enforcement, cybersecurity agencies, and multiple exchanges & bridge protocols, has critical information about your activities.

We are actively monitoring your addresses (0x551f3110f12c763d1611d5a63b5f015d1c1a954c,…)

— KiloEx (@KiloEx_perp) April 15, 2025

They further disclosed that they would work with the authorities and cyber security partners to resolve the issue. Trading activities were paused immediately after the breach was unearthed by KiloEx.

KiloEx Recovers Stolen Funds

The hacker who carried out the exploit returned the stolen tokens to KiloEx. A few days later, the DEX announced on its X page that it had fully recovered the funds and planned to reward the white hat for choosing to return them.

As a show of good faith, the DEX noted that it was giving the white hat a reward of 10% of the recovered tokens for highlighting the flaws of KiloEx’s security infrastructure. The DEX has also disclosed that it does not intend to pursue “further legal action” and considers the breach “resolved in good faith.”

Dear Community,

We are pleased to announce that we have successful recovery of all stolen funds related to the recent security incident. This outcome underscores our commitment to protecting user assets and fostering a secure ecosystem.

1. Case Resolution Progress– The legal…

— KiloEx (@KiloEx_perp) April 18, 2025

KiloEx appreciated its partners and community members for standing with them and has disclosed that it intends to continuously improve its security architecture.

Despite the positive resolution in this case, scams and hacks in the crypto world have been on the rise.

A notable example is the Bybit hack that occurred some time ago, where North Korean-linked hackers were reportedly behind a major breach, highlighting the growing sophistication and international scale of crypto-related cybercrime.