The hacker behind the recent $7.5 million exploit of decentralized exchange KiloEx has returned all stolen funds, just four days after the platform proposed a white hat bounty.
The exploit, which led KiloEx to suspend operations on April 15, prompted immediate audits and a community-led response. In a bid to recover user funds, KiloEx offered the attacker a 10% bounty—equal to $750,000—if 90% of the assets were returned, with a guarantee of no legal action.
Blockchain security firm PeckShield confirmed on April 18 that approximately $5.5 million had already been returned, with the remaining balance soon following. KiloEx later announced full asset recovery, stating it would honor the bounty agreement and refrain from further legal steps.
Bounty Ends Incident, Highlights DeFi Security Gaps
The bounty, equal to 10% of the stolen $7.5 million, helped de-escalate the breach without prolonged legal proceedings. KiloEx confirmed the exploiter is now officially recognized as a white hat participant.
“The legal process to formally close the case is now underway. With all affected funds fully restored, we are fulfilling our pledge to resolve this matter fairly and transparently,” the release stated.
“In adherence to our agreement, we will award 10% of the recovered amount as a bounty to the white hat involved, recognizing their contribution to improving our platform’s security,”
Behind the scenes, KiloEx collaborated with cybersecurity firms including Seal-911, SlowMist, and Sherlock, as well as law enforcement agencies, to investigate the exploit. According to PeckShield’s findings, the breach stemmed from a flaw in the platform’s price oracle system, a frequently targeted class of weakness in which manipulated price data causes smart contracts to miscalculate.
Crypto Hacks Surge in 2025’s First Quarter
The KiloEx incident is part of a broader trend of rising cyberattacks in the DeFi space. In Q1 2025 alone, crypto platforms lost over $1.63 billion to various exploits—a 131% increase compared to the same period in 2024.
Among the year’s most notable attacks was the February 21 breach of Bybit, which resulted in the loss of approximately $1.5 billion in Ethereum. The incident was linked to North Korea’s Lazarus Group, which exploited flaws in the platform’s cold wallet infrastructure.
Other major Q1 hacks include:
- Infini: $50 million stolen via smart contract vulnerability
- zkLend: $9.5 million lost in a protocol exploit
- Ionic: $8.5 million drained in a flash loan attack
As DeFi continues to grow, the need for more robust smart contract auditing, oracle security, and incident response frameworks has become increasingly urgent.
Quick Facts
- KiloEx lost $7.5 million on April 15 due to a price oracle flaw
- The attacker returned all funds following a white hat bounty deal
- KiloEx will pay the $750,000 bounty and refrain from further legal action
- Q1 2025 saw over $1.6 billion in crypto hacks—up 131% year-over-year