cyrpto 7.4M, DEX, exploit, KiloEx, loses, oracle, perpetual, price Mark April 15, 2025 0 Comments

KiloEx perpetual DEX loses $7.4M in price oracle exploit

Kiloex, a decentralized perpetual negotiation platform supported by Yzi Labs, was operated for around $ 7.4 million during a transversal attack.

The attack was reported for the first time by the alerts of the blockchain security platform on April 14 at 7:30 p.m. UTC. The company indicated that a portfolio funded via Tornado species made a number of questionable transactions on the basis of the base, Taiko and BNB (Bnb). A vulnerability to control the access control to the Oracle has been reported as the deep cause. The stolen funds include a USD part (USDC), which can be put on black list by transmitters.

Kiloex then confirmed the feat, urging protocols and platforms for blacklisting the striker’s portfolio and announcing an immediate suspension of the activity of the platform. The platform said that actions were taken to initiate bridge protocols and prevent additional losses. Kiloex has also announced that it would start a premium program and publish a complete post-mortem report.

🚨 Announcement of the security incident: kiloex vault feat

Dear Kiloex community,
We regret informing you that the Kiloex safe has been exploited. The address of the striker’s portfolio is:
0x00FAC92881556A90FDB19EAE9F23640B95B4BCBD
We urge all partner protocols and platforms for …

– kiloex (@kiloex_perp) April 14, 2025

In a subsequent update, the team said they were working with the SEAL-911 blockchain security companies, Slowmist and Sherlock, alongside networks like BNB Chain and Mantwork, to investigate and recover stolen funds. The assets were allegedly filled via ZKBRIDGE and MESON.

A more in -depth analysis of the blockchain security company, Peckshield, estimated the losses at around $ 7.5 million, with $ 3.3 million on the basis, $ 3.1 million on OPBNB and $ 1 million on BSC.

The company confirmed that a manipulated price oracle allowed the attacker to open a position using an ETH / USD price of 100, then close it immediately using an inflated value of 10,000, generating millions in a single transaction.

THE @Kiloex_perp The protocol was hacked today with a loss of ~ 7.5 m ($ 3.3 million basic, $ 3.1 million in OPBNB, $ 1 million in BSC).

The protocol is now interrupted! Our initial analysis on a TX feat indicates a price of price oracle. And the pirate uses it to create a new position with the initial given …

– Peckshield Inc. (@peckshield) April 14, 2025

The Kiloex feat adds to an increasing trend of hacks defi. In the first quarter of 2025, $ 1.64 billion was stolen, making it the worst quarter of all time for cryptocurrency exploits, according to the first quarter of Immunofi 2025 report. While centralized financing platforms have lost $ 1.5 billion in two attacks, the DEFI protocols lost $ 106.8 million in 38 incidents.