Imagine trusting a “smart” contract only to discover it had about as much security as a screen door on a submarine. That’s precisely what happened when KiloEx, a decentralized perpetual exchange, accidentally left the backdoor swinging wide open to the tune of $7 million. Yep, those zeros really do sting.
It turns out the trouble started with the TrustedForwarder contract, which was supposed to be a well-behaved offspring of OpenZeppelin’s MinimalForwarderUpgradeable. Instead, it forgot to override the “execute” method — basically leaving the keys under the doormat for any opportunistic hacker with a bit of ambition and a lot of enthusiasm.
On April 13, the perpetrator took a quiet sip of coffee, then casually snatched 1 ETH from Tornado Cash (because where else does one fuel multi-chain shenanigans?) and commenced a whirlwind rampage. In under an hour, they opened and closed positions faster than a squirrel on espresso, scoring favorable prices thanks to that very same permission slip everyone else forgot to check.
Thankfully, the neighborhood watch group known as Cyvers Alerts blew the whistle on the suspicious cross-chain activity hopping around Base, Taiko, and BNB Chain. PeckShield chimed in with the sad tally: losses sprawled across Base, opBNB, and BSC, like breadcrumbs in the forest.
When hackers turn negotiators
And plot twist! After some persistent chatting — imagine the awkward family dinner where the hacker plays nice — they agreed to let KiloEx keep 10% as a “bounty” and returned the rest of their ~ill-gotten~ temporarily borrowed loot to specially guarded Safe multi-signature wallets. You know, just like a classy thief.
KiloEx reassures us that the vulnerability has been patched, no unsuspecting user will be left holding the bag, and all positions will get closed based on price snapshots taken before the attack. In other words: the chaos has been tidied up, and no one should have to wipe their brow quite yet.
Also, they roped in the cops and SlowMist — not a new smoothie, but a cybersecurity firm — to dig deeper into the escapade. Because when life gives you hackers, better call the experts and hope for the best.
💻🔐💸
Read More
- How to use a Modifier in Wuthering Waves
- 50 Goal Sound ID Codes for Blue Lock Rivals
- Mistfall Hunter Class Tier List
- 50 Ankle Break & Score Sound ID Codes for Basketball Zero
- Ultimate Myth Idle RPG Tier List & Reroll Guide
- Lucky Offense Tier List & Reroll Guide
- Basketball Zero Boombox & Music ID Codes – Roblox
- Ultimate Half Sword Beginners Guide
- Unlock All Avinoleum Treasure Spots in Wuthering Waves!
- WIF PREDICTION. WIF cryptocurrency
2025-04-21 16:44