KiloEX Vows User Reimbursement After $7M Oracle Hack—Because ‘Trust Us’ Always Works Out
Another day, another DeFi exploit—but this time with a side of corporate accountability theater.
KiloEX joins the growing list of protocols scrambling to patch price oracle vulnerabilities after attackers siphoned $7 million in a textbook manipulation play. The platform’s pledge to make users whole comes with the usual caveats: ‘once we trace the funds’ and ‘pending governance approval.’
Oracle exploits now account for 43% of DeFi hacks in 2025—but hey, at least the auditors got paid.
KiloEX promises to cover differences in user losses and reduced profits
KiloEx Platform Resume Announcement
Dear KiloEx Users,
The KiloEx platform will begin gradually resuming trading and deposit functions across all supported chains starting at 12:00 UTC on April 24. The full platform functionality is expected to be fully restored by 13:00 UTC on…
— KiloEx (@KiloEx_perp) April 23, 2025
KiloEx revealed on April 23rd that the SlowMist security audit report and the compensation plan for users affected by the recent $7.5 million KiloEx security incident would be announced before the platform’s resumption. On April 24th, KiloEx outlined its plans to compensate traders, Hybrid Vault stakers, and VIP users.
According to KiloEx, users whose positions remained open during the platform suspension will be compensated for the difference in increased losses or decreased profits. Compensation will only be calculated up to the point the platform resumes, so users are advised to close their positions as soon as possible thereafter.
“Delaying your position closure may lead to differences between your actual PnL and the compensation amount.”
~ KiloEX team
For example, if a user’s unrealized loss was $100 when the platform went offline and increased to $200 upon resuming, the user will be compensated the $100 difference. Similarly, if the unrealized profit was $500 at shutdown and dropped to $300 at the platform’s resumption, the user will be compensated the $200 difference.
For KiloEx VIP users, the VIP user level will be determined based on real-time screenshots taken at the time of the KiloEx security incident on April 14. All affected VIP users (excluding VIP7 users) will automatically receive a +1 level upgrade. However, all affected users, including VIP7, will enjoy a 30-day VIP status protection period.
SlowMist plays a crucial role in recovering the stolen funds
The DEX collaborated with law enforcement and blockchain security specialists from SlowMist to track the hacker’s movements in an attempt to recover the stolen funds. SlowMist assisted KiloEx with a comprehensive on-chain analysis of the attack, clarifying the vulnerability’s root cause and supporting multiple rounds of negotiations between KiloEx and the attacker.
On April 15, KiloEx offered the hacker 10% of the stolen funds, allowing them to retain $750K, if they returned the other 90%. The platform also warned that it would reveal the hacker’s identity and pursue legal action if the hacker failed to comply. However, KiloEx later disclosed on April 18th that it would drop all legal actions and still reward the hacker with the promised white hat bounty.
The team claimed that the vulnerability leading to the crypto hack had been promptly fixed. This was vital in preventing further exploitation and securing the platform for future operations. The DEX has also promised to release a detailed report of the hacking incident and make the findings public as soon as the ongoing investigation concludes.