KiloEx, a decentralized exchange (DEX) catering primarily to perpetual futures trading, recently suffered a well-planned exploit. It has since been able to recover all of the stolen funds. The recovery announcement triggered a colossal pump in KiloEx’s native token, KILO, which shot up more than 14% in less than 24 hours. This came even as the wider crypto market, as gauged by the CoinDesk 20 Index, was mostly flat on Friday.
The exploit, on April 15, took advantage of a vulnerability in KiloEx’s price oracle mechanism. The attacker manipulated asset prices through a series of trades across the Base, BNB Chain, and Taiko networks. The attacker's wallet was funded via Tornado Cash, an Ethereum-based cryptocurrency mixer. The attack caused an estimated $7 million in losses for KiloEx users.
KiloEx is now in the process of formalizing the legal terms under which the company will ultimately recover these funds. KiloEx has announced a 10% bounty on the amount recovered. This bounty is intended to go to the white hat hacker who was instrumental in the recovery process.
"The legal process to formally close the case is now underway, in coordination with judicial authorities, our legal team, and third-party experts (special thanks to @SlowMist_Team @blitezero, who have extensive experience in such matters)." - KiloEx
To date, KiloEx has recovered the stolen assets. This settlement is a huge victory for the company as well as the wider decentralized finance (DeFi) community. It is a welcome development, especially considering the long and contentious litigation that usually ensues after such incidents.
The crypto industry is still reeling from a record-high number of hacks and exploits. We were stunned to read the news from blockchain security firm CertiK that, in Q1 of 2025, hackers absconded with a mind-boggling $1.67 billion in cryptocurrency. KiloEx responded promptly and ultimately succeeded in having the funds returned. Its response demonstrates the importance of community collaboration and proactive security measures in mitigating the devastating effects of such attacks.