KiloEx Targeted in Apparent Oracle Manipulation, $7M Stolen

KiloEx, a decentralized platform for trading perpetual futures, has fallen prey to a coordinated exploit that drained approximately $7 million from its protocol. The root cause: a vulnerability in its price oracle system that enabled precise manipulation across multiple blockchains.

According to blockchain analytics firm Cyvers, the attacker used a wallet linked to Tornado Cash to obscure their identity and launched a series of calculated moves across the Base, BNB Chain, and Taiko networks. Leveraging flash loans, they exploited a weakness in the oracle’s access controls to feed the platform false pricing data.

This allowed the attacker to open leveraged positions at manipulated prices—such as deeply undervalued ETH—generating phantom profits that were quickly extracted from KiloEx’s liquidity vaults. The cross-chain design of the platform allowed the attacker to repeat the exploit in rapid succession, maximizing the financial damage.

In just one transaction, they netted over $3 million.

KiloEx has responded by suspending operations and is working alongside industry partners to trace the stolen assets and blacklist the attacker’s wallet. The protocol is also offering a 10% bounty for the return of the remaining funds.

Oracle exploits remain a persistent threat vector in DeFi, as seen in past high-profile attacks on Mango Markets and Cream Finance. The KiloEx incident adds another chapter to the growing list of oracle-related vulnerabilities that have cost the ecosystem hundreds of millions of dollars.

This breach underscores the need for tighter oracle security and more robust on-chain safeguards as DeFi platforms continue to scale across networks.