KiloEx, a decentralized exchange, recently experienced a significant security breach that resulted in the loss of approximately $7.5 million. The incident was confirmed by the KiloEx team on April 15 during Asian trading hours. To manage the situation, the platform has halted all activities to limit further damage.
In their public announcement, KiloEx stated that they are collaborating with various security partners to identify the attacker and recover the stolen funds. They have shared the hacker’s wallet address, urging other platforms to blacklist it to prevent any additional misuse.
The stolen funds were taken from multiple blockchain networks, with around $3.3 million from Base, $3.1 million from opBNB, and $1 million from BNB Smart Chain, according to the security firm PeckShield.
Experts believe that the breach was due to a manipulation of the price oracle system. This means the attacker may have deceived the platform’s pricing mechanism. For instance, they could have opened a position when the price of ETH/USD was displayed as $100 and then quickly closed it at a manipulated price of $10,000, allowing them to make millions in profit. One transaction reportedly earned the hacker $3.12 million by taking advantage of an inflated ETH/USD price.
To address the situation, KiloEx is working with BNB Chain, Manta Network, and various security teams, including Seal-911, SlowMist, and Sherlock, to investigate the breach across different ecosystems. They are also planning to introduce a bounty program to encourage anyone with information about the hacker to come forward.
