Hacker Returns $7.5M in KiloEx Breach After Bounty Deal
We may earn commissions from affiliate links or include sponsored content, clearly labeled as such. These partnerships do not influence our editorial independence or the accuracy of our reporting. By continuing to use the site you agree to our terms and conditions and privacy policy.
A decentralized exchange targeted in a multi-million-dollar exploit has recovered its losses just days after the incident, thanks to an unexpected twist involving the hacker themselves.
KiloEx, a decentralized trading platform, confirmed on April 18 that it had received back the full $7.5 million drained in a recent attack. The surprise return of funds came four days after the breach, which had forced the platform to suspend operations temporarily.
The attacker’s sudden change of heart appears to have been triggered by KiloEx’s public offer of a 10% white-hat bounty—roughly $750,000—on the condition that 90% of the stolen assets were returned. Within days, wallets linked to the breach began transferring millions back to KiloEx, as confirmed by blockchain security firm PeckShield.
The platform had been working with cybersecurity partners including Sherlock, SlowMist, and Seal-911, as well as law enforcement, in efforts to track down the source of the attack. Early investigations pointed to a manipulated price oracle—a known vulnerability in decentralized finance—which may have enabled the exploit.
Despite the initial alarm, the swift resolution has allowed KiloEx to reassure users that no funds were lost. The platform has now begun closing the case, stating that it will not pursue legal action and will honor its bounty commitment.
KiloEx described the incident as a wake-up call and said it would continue enhancing its smart contract infrastructure. “With no victims and full restitution, we consider this matter settled. We’ll reward the white hat and keep working to make our platform more secure.”
Commentaries 
Fill in necessary fields and publish