{"id":127177,"date":"2025-04-15T02:24:17","date_gmt":"2025-04-15T02:24:17","guid":{"rendered":"http:\/\/cryptospotters.net\/?p=127177"},"modified":"2025-04-15T02:24:17","modified_gmt":"2025-04-15T02:24:17","slug":"decentralized-exchange-kiloex-says-7-5m-exploit-has-been-contained","status":"publish","type":"post","link":"http:\/\/cryptospotters.net\/?p=127177","title":{"rendered":"Decentralized exchange KiloEx says $7.5M exploit has been contained"},"content":{"rendered":"<p>Source: Cointelegraph.com NewsDecentralized exchange KiloEX has confirmed it has suspended usage of its platform and is tracing stolen funds after suffering a $7.5 million exploit.\u00a0<br \/>\nThe exploit has been contained, with use of the platform suspended and an investigation underway, the KiloEX team said in an April 14 statement to X.<br \/>\n\u201cThe team has immediately suspended platform usage and is working with security partners to trace the flow of funds,\u201d KiloEX said.\u00a0<br \/>\n\u201cWe are analyzing the attack vector and affected assets. We are collaborating with ecosystem partners to trace and recover funds where possible.\u201d\u00a0<br \/>\nSource: KiloEXA bounty program and a full report on how the exploit occurred is also in the works, according to KiloEX.\u00a0<br \/>\nIn an update, the KiloEX team said it was collaborating with BNB Chain, Manta Network, and cybersecurity firms Seal-911, SlowMist and Sherlock in an effort spanning \u201cmultiple ecosystems.\u201d\u00a0<br \/>\n\u201cOur investigation has confirmed that the stolen assets are currently being routed through zkBridge and Meson,\u201d KiloEX said.\u00a0<br \/>\n\u201cWe are urgently attempting to engage with both protocols to halt ongoing transactions and prevent additional losses.\u201d\u00a0<br \/>\nKiloEX attacker exploited price oracle issue, say analysts\u00a0<br \/>\nCybersecurity firm PeckShield said in an April 14 post to X the exploiter looted $7.5 million in total, $3.3 million Base, $3.1m opBNB and $1m BSC.\u00a0<br \/>\nThe firm has speculated the exploit is likely a \u201cprice oracle issue,\u201d where the information used by a smart contract to determine the price of an asset is manipulated or inaccurate, leading to the exploit.\u00a0<br \/>\n\u201cOur initial analysis on one transaction exploit indicates a price oracle issue,\u201d PeckShield said.\u00a0<br \/>\nSource: PeckShield\u201cThe hacker exploits it to create a new position with initial given ETH\/USD price of 100 and then immediately close the position with inflated ETH\/USD price of 10000, netting the $3.12m profit in one single transaction.\u201d\u00a0<br \/>\nChaofan Shou, co-founder of blockchain analytics firm Fuzzland, also weighed in, speculating the exploit was likely due to a price oracle issue.<br \/>\n\u201cAnyone can change the Kilo\u2019s price oracle. They did verify that the caller shall be a trusted forwarder, though, but didn\u2019t verify the forwarded caller,\u201d Shou said.\u00a0<br \/>\nShou added it was a \u201cvery simple vulnerability\u201d when a user asked about the complexity of the exploit.\u00a0<br \/>\nSource: Chaofan ShouThe news has sent the KiloEX\u2019s native token, Kilo, plunging over 27% to trade at $0.03596, according to CoinGecko. It\u2019s still down over 78% from its all-time high of $0.1648, which it hit on March 27.<br \/>\nRelated: Mantra CEO says OM token recovery \u2018primary concern\u2019 but in early stages<br \/>\nKiloEx was established in 2023 and is backed by Binance Labs, which is a lead investor and strategic partner.\u00a0<br \/>\nThis exploit comes just days after the exchange announced a partnership with Dubai-based Web3 venture capitalist firm DWF Labs on April 13, which promised to expand KiloEx&#8217;s market presence and accelerate growth.\u00a0<br \/>\nOn March 25, DWF Labs launched a $250 million Liquid Fund to accelerate the growth of mid- and large-cap blockchain projects and drive real-world adoption of Web3 technologies.<br \/>\nMagazine: Bitcoin eyes $100K by June, Shaq to settle NFT lawsuit, and more: Hodler\u2019s Digest, April 6\u201312<a href=\"https:\/\/cointelegraph.com\/news\/kiloex-exploited-attacker-used-price-oracle-7-5-million?utm_source=rss_feed&amp;utm_medium=rss&amp;utm_campaign=rss_partner_inbound\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Source: Cointelegraph.com NewsDecentralized exchange KiloEX has confirmed it has suspended usage of its platform and is tracing stolen funds after suffering a $7.5 million exploit.\u00a0 The exploit has been contained,&hellip; <\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"_links":{"self":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/127177"}],"collection":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=127177"}],"version-history":[{"count":0,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=\/wp\/v2\/posts\/127177\/revisions"}],"wp:attachment":[{"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=127177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=127177"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cryptospotters.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=127177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}