The hacker behind KiloEx’s recent $7.4 million exploit has returned $1.4 million worth of USDT following days of silence. The update was shared by blockchain security firm PeckShield in an Apr. 18 post on X, confirming that funds linked to the attack were sent back to KiloEx’s address. KiloEx, a decentralized perpetuals trading platform backed by YZi Labs, was hacked on Apr. 15 in a cross-chain attack that targeted Base, opBNB, and BNB Chain ( BNB ). #PeckShieldAlert #KiloEx exploiter -labeled addresses has returned ~1.4M #USDT to #KiloEx https://t.co/SijPGua1ur pic.twitter.com/rPKAJtdWm2 — PeckShieldAlert (@PeckShieldAlert) April 18, 2025 The exploit was first flagged by Cyvers Alerts, which linked the incident to a wallet funded via Tornado Cash. A price oracle vulnerability was the main cause, enabling the attacker to manipulate ETH/USD values and use inflated prices to drain funds. The losses were distributed among Base ($3.3M), opBNB ($3.1M), and BSC ($1M), per PeckShield’s breakdown. You might also like: ZK token crashes after $5m airdrop exploit confirmed by ZKsync KiloEx DEX gave the attacker a 72-hour ultimatum and offered a whitehat bounty of 10% of the stolen money in exchange for returning the remaining amount. “We are actively monitoring your addresses… and are prepared to freeze the stolen funds promptly,” the team warned. When the hacker failed to respond, KiloEx filed a formal case with Hong Kong police on Apr. 17 and partnered with cybersecurity firm SlowMist to support the investigation. The company said it had already shared critical data with law enforcement and will release a full incident report once the probe progresses. Dear KiloEx Users, We would like to update you on the latest developments regarding the April 15th hacker incident. 1. We have reported the incident to the Hong Kong police, and a formal case has been filed. KiloEx is working with both the Criminal Division and the Cybercrime… — KiloEx (@KiloEx_perp) April 17, 2025 While the returned amount falls short of the 90% target, the transaction suggests some progress. KiloEx has not yet confirmed receipt of the funds or whether further negotiations are ongoing. The platform is currently working to restore trading operations and finalize a user compensation plan. It also assured users that open positions will be settled based on pre-attack prices, with no risk of forced liquidation. Read more: Crypto hacks in Q1 soar 131% YoY as losses hit $1.63b, data shows
