Kiloex, a decentralized exchange (DEX) on the BNB Smart Chain, confirmed it was the victim of a $7 million digital fund exploit. Blockchain security firm Cyvers said the suspected attacker’s address, reportedly funded via Tornado Cash, had executed a series of exploitative transactions on the BNB, Base, and Taiko chains.

Cyvers identified a potential price oracle access control vulnerability as the root cause. In an alert issued hours before Kiloex confirmed the breach, Cyvers added that the attacker was “still actively exploiting the system.” Kiloex said it has since urged partner protocols and platforms to blacklist the attacker’s address to prevent further malicious activity.

In a post on X, Kiloex said it had initiated a process to trace the stolen funds and planned to launch a bounty program.

“The exploit has been contained,” the team stated. “The team has immediately suspended platform usage and is working with security partners to trace the flow of funds. The team will release a bounty program.”

However, a later X post directed at the hacker said the Kiloex team, which claimed the support of law enforcement and multiple exchanges, had uncovered “critical” information. It threatened to freeze the stolen funds if the hacker failed to return 90% of the funds within 72 hours. The hacker would retain the remaining 10%, which Kiloex described as a “white hat bounty.”

According to the X post, if the hacker agrees to these terms, Kiloex will publicly acknowledge the cooperation and stop further pursuing the matter. Nevertheless, if the hacker fails to comply, the matter will be escalated, the team warned.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。