Price Oracle Manipulation Forces DEX to Go Offline in $7.5M Breach
KiloEX, a decentralized exchange built across BNB Chain, opBNB, and Manta Network, has halted operations following a cyberattack that drained $7.5 million from its platform.
According to early findings from security analysts, the breach was the result of a price oracle manipulation—a vulnerability that has plagued DeFi protocols in the past.
The DEX, which launched in 2023 and received early backing from Binance Labs, confirmed the exploit has been contained and said it is working with cybersecurity firms to track the stolen funds. In an effort to recover the assets, KiloEX has extended a deal to the attacker: return 90% of the funds and walk away without further legal consequences. If ignored, the team warned it would pursue legal action and disclose the attacker’s identity to authorities.
No clear timeline has been provided for when the platform will resume operations. In the meantime, KiloEX plans to publish a full incident report and launch a bug bounty program to uncover how the breach occurred. The attacker’s wallet address has been made public, and the exchange is urging users and platforms to block it.
READ MORE: Canada Set to Launch First Spot Solana ETFs as U.S. Lags Behind
Security firm PeckShield believes the attackers exploited weaknesses in the price oracle to manipulate token values. In this case, Ethereum was briefly priced at just $100, only to be sold off at an inflated $10,000, netting massive profits for the exploiter. The attack appears to have siphoned off $3.3 million in Base tokens, $3.1 million in opBNB assets, and another $1 million from Binance Smart Chain.
Oracle manipulation isn’t a new tactic. Mango Markets and Venus Protocol previously suffered similar breaches, losing $114 million and $100 million respectively. In many cases, these exploits rely on centralized or weakly-designed oracles that attackers can distort to their advantage.
Adding to concerns, wallet activity linked to the attacker suggests the use of Tornado Cash, a crypto mixer often used to obscure the movement of stolen digital assets.
Alexander Stefanov
Reporter at CoinsPress
Alex is an experienced finance journalist and a cryptocurrency and blockchain enthusiast. With over five years of experience covering the industry, he deeply understands the complex and constantly evolving world of digital assets. His insightful and thought-provoking articles provide readers with a clear picture of the latest developments and trends in the market. His passionate approach allows him to break down complex ideas into accessible and insightful content. Follow up on his content to be up to date with the most important trends and topics - stay ahead of the curve with CoinsPress.
