KiloEx, an Indian crypto exchange witnessed a hacker exploiting vulnerabilities to steal approximately $7.5 million from the company’s funds. The company temporarily suspended operations to assess damage and announced it was launching an investigation with the help of specialists from cybersecurity and law enforcement agencies. In an unexpected turn of events, the cybercriminal returned almost $5.5 million in cryptocurrency. This forced KiloEx to cancel their legal action and make a public bounty reward announcement.
After the exploit, KiloEx worked with Seal-911, Slowmist, and Sherlock to track the on-chain transaction of the breach and find out who was behind it. The company provided the hacker with a $750,000 “whitehat” bounty. This bug bounty is only 10% of the stolen money, but it’s a reward based on the hacker returning 90% or more of the stolen funds.
The nearly $5.5 million return is a major victory for this development case. KiloEx publicly acknowledged the return and stated its intention to award 10% of the recovered funds as a bounty to the white hat involved.
The legal process to formally close the case is now underway […]. With all affected funds fully restored (leaving victims), we are fulfilling our pledge to resolve this matter fairly and transparently. - KilloEx
Third, they can decide that they do not want to take any legal action against the hacker, since they respect the spirit of the bounty agreement. The company's decision reflects a strategic approach to recover the stolen funds efficiently and ensure the platform's integrity.
KiloEx promptly addressed the security breach. Their partnership with cybersecurity experts underscores the importance of proactive measures in the growing cryptocurrency space. More importantly, the company demonstrates courageous innovation by engaging in good faith with the hacker. They’re offering a $250,000 bounty to solve cybercrimes and recover stolen assets.
