KiloEX commits to compensating users following $7M Price Oracle exploit

KiloEX, the decentralized exchange (DEX) hit by a $7.5M attack earlier this month, has revealed its resolution plans to compensate users affected by the April 14th exploit. The DEX also promised an extra 10% annual percentage yield (APY) bonus for eligible stakers who had funds in the vault before the platform resumed operations.

The decentralized exchange KiloEx announced tailored compensation plans for traders, Hybrid Vault stakers, and VIP users affected by the $7.5M exploit that temporarily shut down the platform’s operations earlier in April. The DEX released its security incident post-mortem report on April 21st, explaining the root cause of the incident and reviewing the timeline of events. 

According to SlowMist, its team immediately launched an emergency response, working closely with KiloEx to trace the attack path and fund flows, leveraging its in-house blockchain AML and tracing platform—MistTrack and the InMist threat intelligence network—to extract attacker profiles. 

KiloEX promises to cover differences in user losses and reduced profits

KiloEx Platform Resume Announcement

Dear KiloEx Users,

The KiloEx platform will begin gradually resuming trading and deposit functions across all supported chains starting at 12:00 UTC on April 24. The full platform functionality is expected to be fully restored by 13:00 UTC on…

— KiloEx (@KiloEx_perp) April 23, 2025

KiloEX revealed on April 23rd that the SlowMist security audit report, and compensation plan for users affected by the recent $7.5 million KiloEx security incident would be announced before the platform’s resumption. On April 24th, KiloEX outlined its plans to compensate traders, Hybrid Vault stakers, and VIP users.

As per KiloEX, users whose positions remained open during the platform suspension will be compensated for the difference in increased losses or decreased profits. Compensation will only be calculated up to the point the platform resumes, so users are advised to close their positions as soon as possible thereafter.

“Delaying your position closure may lead to differences between your actual PnL and the compensation amount.”

~ KiloEX team

If the unrealized loss was $100 when the platform went offline and increased to $200 upon resuming, users will be compensated the $100 difference. Similarly, if the unrealized profit was $500 at shutdown and dropped to $300 at the platform’s resumption, users will be compensated the $200 difference.

For KiloEx VIP users, the VIP user level will be determined based on real-time screenshots taken at the time of the KiloEx security incident on April 14. All affected VIP users–excluding VIP7 users– will automatically receive a +1 level upgrade. However, all affected users, including VIP7, will enjoy a 30-day VIP status protection period.

SlowMist plays a crucial role in recovering the stolen funds

The DEX collaborated with law enforcement and blockchain security specialists from SlowMist to track the hacker’s movements in an attempt to recover the stolen funds. SlowMist assisted KiloEx with a comprehensive on-chain analysis of the attack, clarifying the vulnerability’s root cause and supporting multiple rounds of negotiations between KiloEx and the attacker.

On April 15, KiloEx offered 10% of the stolen loot to the hacker–allowing them to retain $750K–if they returned 90% of the stolen funds. The platform also warned that it would reveal the hacker’s identity and that legal action would be pursued if the hacker failed to comply. However, KiloEx later disclosed on April 18th that it would drop all legal actions and still reward the hacker with the promised white hat bounty.

The team claimed that the vulnerability leading to the crypto hack had since been promptly fixed. This was vital in preventing further exploitation and securing the platform for future operations. The DEX has also promised to release a detailed report of the hacking incident and make the findings public as soon as the ongoing investigation concludes.

Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot