The crypto community faced another significant blow on April 14, 2025, when KiloEx, a perpetual trading platform backed by YZi Labs (formerly Binance Labs), suffered a devastating hack. The exploit resulted in a loss of approximately $7.5 million across multiple blockchains, exposing vulnerabilities in the platform’s oracle system.
The Hack That Exploited an “Unthinkable” Flaw
The KiloEx Vault hack unfolded in the early hours of April 14, 2025, when Web3 security firm Cyvers Alerts detected a series of suspicious transactions across several blockchains, including BNB Smart Chain, Base, and Taiko.
🚨7M HACK ALERT🚨Our system has detected multiple suspicious transactions involving @KiloEx_perp across several chains.
An address funded via @TornadoCash has executed a series of exploitative transactions on the $BNB, $Base, and $Taiko chains — accumulating approximately $7M in… pic.twitter.com/od4UTsSrXs
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) April 14, 2025
The attacker, using a wallet funded through Tornado Cash, exploited a critical flaw in KiloEx’s oracle system, which is responsible for providing accurate asset price data to smart contracts. According to Cyvers, the vulnerability stemmed from an access control issue that allowed the hacker to manipulate asset prices, specifically the ETH/USD pair. The hacker opened a position with a fabricated ETH/USD price of just $100, then closed it at an inflated $10,000, pocketing a staggering $3.12 million in a single transaction.
PeckShield estimated the total losses at $7.5 million, with $3.3 million stolen from Base, $3.1 million from opBNB, and $1 million from BNB Smart Chain.
Example of a transaction of ETH from hacker – Source: Basescan
Chaofan Shou, co-founder of on-chain analytics platform Fuzzland, explained that the oracle’s access validation mechanism failed to verify the original transaction initiator, despite requiring a “trusted forwarder.” Therefore, this hacker can assess and change the oracle price from the smart contract.
This oversight is likened to checking a delivery person’s identity but not the sender’s. Also, it created a severe exploit opportunity that many in the industry had assumed was “unthinkable” for a platform of KiloEx’s caliber.
Swift Response from the KiloEx Team
KiloEx responded promptly to the attack, confirming that its Vault tool had been compromised via the wallet address 0x00fac92881556a90fdb19eae9f23640b95b4bcbd. The team immediately suspended all platform operations to prevent further losses and urged ecosystem partners to blacklist the attacker’s wallet. To trace the stolen funds and mitigate damage, KiloEx partnered with BNB Chain, Manta Network, and leading security firms such as Seal-911, SlowMist, and Sherlock.
🚨 Update on the KiloEx Vault Exploit 🚨
We are actively collaborating with BNB Chain, Manta Network, and leading blockchain security partners—including Seal-911, SlowMist, and Sherlock—to investigate the recent KiloEx Vault exploit and trace the stolen assets.
Our joint…
— KiloEx (@KiloEx_perp) April 14, 2025
The team also revealed that the hacker was using cross-chain tools like zkBridge and Meson to transfer the stolen assets, complicating efforts to freeze the funds. KiloEx reached out to these platforms to halt ongoing transactions and announced plans for a bounty program to incentivize the return of the stolen assets. Additionally, the project committed to releasing a detailed report to ensure transparency with the community, acknowledging the severity of the incident and their responsibility to address it.
Despite these efforts, the use of cross-chain tools by the attacker posed significant challenges to the recovery process, leaving the outcome uncertain.
Severe Impact of $KILO Price and Investors
The fallout from the KiloEx hack was immediate and severe, particularly for the platform’s community and investors. The KiloEx token, KILO, which had launched at a peak price of $0.153 on March 27, 2025, plummeted by 31.9% within 24 hours of the hack, dropping to $0.035. This decline slashed the token’s market capitalization from $11 million to $7.5 million, erasing nearly 78% of its value since launch. The sharp drop reflected a significant loss of investor confidence, as many questioned the platform’s security measures and long-term viability.
Source: TradingView
The broader DeFi community also felt the ripple effects of the incident. Many users expressed frustration and concern, calling the hack a “wake-up call for DeFi projects to prioritize security.” The use of cross-chain tools by the hacker amplified fears about vulnerabilities in multi-chain architectures, as the stolen funds remained difficult to trace.
This Vault hack also echoes a similar incident on Hyperliquid, where a whale exploited liquidation to profit $6.2 million in March 2025. Both events highlight a growing concern within the DeFi community about the security of vault mechanisms and oracle pricing on decentralized exchanges (DEXs). The KiloEx exploit manipulated ETH/USD prices, while Hyperliquid’s whale took advantage of the volatile JELLY token, revealing how easily oracles can be gamed to distort asset values. These incidents underscore a broader fear: without robust oracle systems and stricter vault protocols, DEXs remain vulnerable to sophisticated attacks, potentially eroding trust in DeFi’s promise of decentralized security.
Conclusion
This incident not only damaged KiloEx’s reputation but also raised broader concerns about the security of DeFi platforms, particularly those operating across multiple blockchains. As a result, the event may slow the adoption of similar protocols, with investors likely to approach new projects with increased caution. This event underscores the urgent need for improved security measures, particularly in oracle systems and cross-chain protocols, to protect users and restore confidence in decentralized finance.
