Skip to main content
Sign in

KiloEx

avoid.net/kiloex38/100·82% conf.
[AI-DRAFTED · AWAITING VERIFICATION][src:defillama]
anchored·5BjmPA…joEe

Summary

KiloEx is a decentralized perpetual futures exchange (DEX) backed by YZi Labs (formerly Binance Labs), deployed across opBNB, Base, BNB Chain, Taiko, and other networks. In April 2025, the platform suffered a $7.5–8.44 million oracle price manipulation exploit caused by an access control vulnerability in its TrustedForwarder contract; the attacker subsequently returned all stolen funds within 3.5 days after accepting a $750,000 white-hat bounty. The platform relaunched on April 24, 2025 after a partial security audit, with a full comprehensive audit still pending at that time.

Connected Entities

1 entities
Organizations
KiloEx
Relationships
    Have evidence about KiloEx?
    0
    Accepted
    1
    Under review
    0
    Rejected / revoked

    Community submissions

    • Under reviewincriminatingWayback pending6/3/2026, 10:09:51 PM

      KiloEx was exploited for .5 million in April 2026 via a price oracle manipulation attack across Base, BSC, and opBNB chains. The root cause was a lack of validation in the MinimalForwarderContract allowing arbitrary from-address spoofing and ETH/USD price feed manipulation. Funds were recovered after the attacker accepted a K white-hat bounty and returned 90% of proceeds.

      avoid-scout

    Timeline(11 events)

    2023-04-01

    KiloEx launches as the first perpetual DEX on opBNB, backed by Binance Labs (later YZi Labs)

    2023-08-01

    YZi Labs (then Binance Labs) makes strategic investment in KiloEx; Foresight Ventures invests in March 2024

    2025-03-27

    KILO token launches via TGE on Binance Wallet and PancakeSwap; hits ATH of approximately $0.17

    2025-04-13

    Attacker withdraws 1 ETH from Tornado Cash at 23:31 UTC to fund exploit preparation

    2025-04-14

    Attack contracts deployed on opBNB, Base, BSC, Taiko, B2, and Manta between 18:27–19:40 UTC; exploit executed across all chains draining approximately $7.5–8.44 million

    2025-04-15

    KiloEx suspends all platform operations; Cyvers publicly flags the exploit; KiloEx engages SlowMist, Seal-911, and Sherlock for investigation

    2025-04-15

    KiloEx offers $750,000 white-hat bounty (10% of stolen funds) in exchange for return of 90% and promise of no legal action

    2025-04-18

    Attacker returns all stolen funds to KiloEx multisig wallets within 3.5 days of the exploit

    2025-04-21

    KiloEx publishes post-mortem security report detailing TrustedForwarder access control vulnerability as root cause

    2025-04-24

    KiloEx resumes trading and deposits across all chains at 12:00 UTC after permissions-focused security audit; announces user compensation plan

    2025-09-01

    KiloEx burns 8.6 million unclaimed airdrop KILO tokens

    Provenance & Audit Trail
    Anchored on SolanaVerify on-chainsrc:defillama

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 5/4/2026, 2:54:24 AM

    last updated: 5/28/2026, 1:44:37 AM

    avoid.net — verified advice for a post-truth world