On April 24, KiloEx, a decentralized finance (DeFi) platform, made a public statement that it would reimburse traders and stakers. This decision follows a $7.5 million exploit that prompted the platform to briefly go offline earlier in April. Bonus rewards for Stakers Along with giving full refunds to traders, the platform will deliver bonus rewards for stakers.

KiloEx is currently showering a 10% bounty on whoever stole their data on the black market. They’ve gone so far as to withdraw all legal action against him.

Compensation Plan Details

KiloEx stated that traders who had open positions when the platform was suspended would receive full compensation if their losses increased or profits decreased due to the exploit. Compensation will be based upon the platform’s resume duration.

Please close your position as soon as possible after the platform resumes. Compensation will be calculated based on the platform’s resume time. - KiloEx

The venue asked traders to unwind their positions as soon as trading is restarted. Alongside trying to compensate traders, KiloEx has stated that it will offer bonus rewards for stakers who were impacted by the incident.

Hacker Returns Majority of Stolen Funds

This exploit stemmed from a price oracle attack. In total, the hacker agreed to return $5.5 million of the $7.5 million they stole. After funds returned to their presence on Ethereum, KiloEx restaked the now-recuperated illicit money into the Hybrid Vault. The hacker will be rewarded with a 10% white hat bounty by KiloEx.

As per KiloEx’s official post-mortem analysis, the attacker took advantage of a permissionless function. Following product development discussions, the platform has decided to drop all legal action against the hacker. This decision follows the returns of funds by the hacker and their offer of a bounty.

Moving Forward

KiloEx wants to re-establish its users’ trust in its platform after the unfortunate security breach. KiloEx is responding in the right way by directly compensating affected users. They’re extending a bounty to the hacker too, showing they’re serious about fixing the issue as well as improving their overall security.