Decentralized perpetual futures exchange KiloEx suffered a $7M price oracle manipulation attack. The hack spanned three blockchains: Base, BNB Chain, and Taiko. The exploiter funded the attack through Tornado Cash and exploited an access control weakness in the price oracle.
The attacker pushed fake prices into KiloEx's system, which enabled them to open leveraged positions and reap large profits. One sale alone generated more than $3M. KiloEx immediately halted trading to avoid further losses and is now working with security partners to locate the stolen funds.
KiloEx made a risky move and offered the hacker a deal: return 90% of the funds and keep 10% as a reward. If the hacker complies, the exchange will publicly acknowledge the cooperation.
But there is a catch. If the hacker refuses, KiloEx threatens legal action and public exposure.
This is not the first oracle-related hack. In 2022, Avraham Eisenberg used a similar method to extort $110M from Mango Markets. He was subsequently convicted of fraud. The event underscores the persistent security challenges of decentralized finance. It serves as a sharp warning for protocols to harden their oracle systems against manipulation.