KiloEx has temporarily shut down after falling victim to a significant security breach. Hackers exploited a vulnerability in the platform’s price oracle system, manipulating ETH/USD prices across multiple chains, including BNB, Base, and Taiko, to drain approximately $7.5 million from the protocol’s vaults.
The attacker used a Tornado Cash-funded wallet to execute a series of coordinated transactions that exploited potential access control flaws in KiloEx’s price oracle system.
The Attacker’s Trail: Wallets and Cross-Chain Moves
The KiloEx team identified the attacker’s wallet address as 0x00faC92881556A90FdB19eAe9F23640B95B4bcBd. Funds were rapidly moved across various networks, including opBNB, Base, Taiko, Bsquared, and Manta, utilizing cross-chain bridges like zkBridge and Meson to obfuscate the trail.
A second wallet associated with the attacker on the Manta Network was also disclosed: 0x551f3110f12c763D1611d5A63B5F015d1c1a954C. These movements highlight the complexities of tracking funds in a multi-chain environment.
KiloEx’s Response: Collaborations and Recovery Efforts
In the wake of the breach, KiloEx has halted all platform activity and is collaborating with several ecosystem partners to investigate and recover the stolen assets. These partners include BNB Chain, Manta Network, and leading blockchain security firms such as Seal-911, SlowMist, and Sherlock.
The team is also engaging with zkBridge and Meson in hopes of freezing any ongoing transfers. A bounty program is being prepared to incentivize assistance in recovering the stolen assets. A full post-mortem report is expected soon, detailing how the attack occurred, what assets were affected, and the steps being taken to address the vulnerabilities.
Market Impact: KILO Token Takes a Hit
The exploit has had a significant impact on the KILO token’s market performance. The token’s value dropped by 30%, with its market cap falling from $11 million to $7.5 million. This decline reflects the market’s reaction to the security breach and the challenges ahead for KiloEx in restoring confidence.
Lessons Learned: The Importance of Oracle Security
This incident underscores the critical importance of securing price oracle systems in decentralized finance platforms. Oracle vulnerabilities can be exploited to manipulate asset prices, leading to significant financial losses. As DeFi continues to grow, ensuring the integrity and security of these systems is paramount.
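The article reports only "potential access control flaws" in the oracle, so the following is an added example, not KiloEx's code and not part of the original article. It models three write-path guards for a price feed: a caller allowlist, a cross-check against an independent reference price, and a bound on the step from the last accepted price. The class name, thresholds, account names and sample prices are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

BPS = 10_000  # basis points in 100%
class RejectedUpdate(Exception):
    """A price update failed one of the guard checks."""

@dataclass
class GuardedOracle:
    updaters: frozenset         # accounts allowed to push prices (assumed allowlist)
    max_step_bps: int = 500     # largest move vs. last accepted price (5%, assumed)
    max_ref_gap_bps: int = 200  # largest gap vs. independent reference (2%, assumed)
    prices: dict = field(default_factory=dict)

    @staticmethod
    def _gap_bps(a, b):
        return abs(a - b) * BPS // b

    def set_price(self, caller, pair, price, reference):
        if caller not in self.updaters:  # access control on the write path
            raise RejectedUpdate("unauthorized caller")
        if price <= 0 or reference <= 0:
            raise RejectedUpdate("non-positive price")
        if self._gap_bps(price, reference) > self.max_ref_gap_bps:  # cross-check
            raise RejectedUpdate("deviates from reference")
        last = self.prices.get(pair)
        if last is not None and self._gap_bps(price, last) > self.max_step_bps:
            raise RejectedUpdate("step too large")  # circuit breaker on sudden moves
        self.prices[pair] = price

def replay(oracle, updates):
    """Apply updates in order and return the verdict for each one."""
    verdicts = []
    for caller, pair, price, reference in updates:
        try:
            oracle.set_price(caller, pair, price, reference)
            verdicts.append("ok")
        except RejectedUpdate as exc:
            verdicts.append(str(exc))
    return verdicts

# Constructed sample updates: placeholder account names, prices in USD cents.
KEEPER = "keeper-placeholder"
SAMPLE = [
    (KEEPER, "ETH/USD", 160_000, 160_100),                # routine update
    ("unknown-placeholder", "ETH/USD", 10_000, 160_100),  # caller not allowlisted
    (KEEPER, "ETH/USD", 10_000, 160_100),                 # far from reference
    (KEEPER, "ETH/USD", 175_000, 175_200),                # matches reference, step > 5%
    (KEEPER, "ETH/USD", 162_000, 162_300),                # routine update
]
```

A step bound that rejects a genuine large market move leaves the feed stale, so a deployed version of this guard needs a reviewed recovery path for that case.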
Conclusion
The KiloEx hack serves as a stark reminder of the vulnerabilities present in the DeFi ecosystem. While the platform’s swift response and collaboration with security partners are commendable, the incident highlights the need for continuous vigilance and robust security measures.
As the investigation unfolds, the crypto community will be watching closely to see how KiloEx navigates this crisis and what steps are taken to prevent similar incidents in the future.
FAQs
Q1: What caused the KiloEx hack?
A vulnerability in KiloEx’s price oracle system allowed attackers to manipulate ETH/USD prices across multiple chains, leading to the theft of approximately $7.5 million.
Q2: How did the attackers move the stolen funds?
The attackers used cross-chain bridges like zkBridge and Meson to transfer funds across various networks, including opBNB, Base, Taiko, Bsquared, and Manta.
Q3: What is KiloEx doing to recover the stolen assets?
KiloEx has halted platform activity and is collaborating with partners like BNB Chain, Manta Network, Seal-911, SlowMist, and Sherlock to investigate the breach and recover the stolen funds.
Q4: Has KiloEx released a detailed report on the hack?
A full post-mortem report is expected soon, which will detail how the attack occurred, what assets were affected, and the steps being taken to address the vulnerabilities.
Q5: How has the hack affected the KILO token?
The KILO token’s value dropped by 30%, with its market cap falling from $11 million to $7.5 million following the security breach.
Glossary
Decentralized Exchange (DEX): A platform that allows users to trade cryptocurrencies directly with one another without the need for a centralized intermediary.
Price Oracle: A system that provides real-time price data to smart contracts, enabling them to execute trades based on current market conditions.
Cross-Chain Bridge: A protocol that allows the transfer of assets between different blockchain networks.
zkBridge: A cross-chain bridge that uses zero-knowledge proofs to facilitate secure and private asset transfers between blockchains.
Meson: A cross-chain bridge protocol used for transferring assets across multiple blockchain networks.