White Hat? KiloEx Hacker Returns $1.9M from Stolen Funds

On April 15th, decentralized protocol KiloEx fell victim to a price oracle exploit, losing $7 million. Fast-forward to the present, the hacker has returned approximately $1.9 million from the stolen funds. This suggests that the hacker may return the remaining funds to the exchange.

KiloEx is a decentralized finance (DeFi) protocol that offers perpetual trading on the BNB Chain. It is also accessible on blockchain networks like opBNB, Base, and Manta. According to its website, it boasts 877,000 users across these blockchains.

Following its security breach, KiloEx’s total value locked (TVL), as reported on DefiLlama, dropped from above $41 million to $33.93 at the time of writing.

A Possible White Hat?

White hat hackers are individuals with ethical hacking skills who identify loopholes in protocols. They inform the project owner(s) when a vulnerability is detected so that the issue can be fixed. Oftentimes, these white hats receive a bug bounty, a reward for detecting these faults.

The KiloEx hacker harnessed a vulnerability in the project’s price oracle access control to trick the system into believing in exaggerated prices. Next, they executed various trades to take advantage of the false prices. Following the attack, KiloEx halted its on-chain activities to contain the attack.

Yesterday, KiloEx addressed its community about the incident. The team disclosed that the security loophole has been fixed. They also revealed that they have partnered with the Hong Kong police and the blockchain security firm SlowMist to trace the hacker and potentially recover the funds.

KiloEx also noted that it is raising funds to recover its losses. The DeFi protocol reached out to the hacker through the on-chain messaging feature on blockchain explorers, requesting 90% of the funds. If returned accordingly, KiloEx promises to take no further action.

Since the hacker has returned about $1.9 million, representing 27% of the stolen funds, the remaining funds will likely be returned. If the latest move is a nod to returning 90% of the funds, the hacker will end up keeping approximately $700,000 (10% of the funds) as their bounty.

The post White Hat? KiloEx Hacker Returns $1.9M from Stolen Funds appeared first on Cointab.