KiloEx Returns 90% of Stolen Assets After DeFi Hack

Generated by AI agent Coin World
Monday, April 21, 2025, 7:16 am ET | 1 min read

KiloEx, a prominent player in the decentralized finance (DeFi) space, has released a detailed analysis of a recent hack incident that occurred on April 14. The report, published on April 21, revealed that the breach was due to a critical oversight in the smart contract's design. Specifically, the TrustedForwarder contract, which inherited from OpenZeppelin's MinimalForwarderUpgradeable, failed to override the execute method. This oversight allowed the attacker to call this function arbitrarily, enabling the theft of assets across multiple chains.

The attack took place between 18:52 and 19:40 (UTC) on April 14. The attacker deployed malicious contracts on various chains, including opBNB, Base, BSC, Taiko, B2, and Manta. This cross-chain exploitation highlights the complexity and interconnected nature of modern DeFi ecosystems, where vulnerabilities in one chain can have cascading effects on others.

In response to the incident, KiloEx engaged in negotiations with the attacker. As a result of these discussions, the attacker agreed to return 90% of the stolen assets, which included a variety of cryptocurrencies such as USDT, USDC, ETH, BNB, WBTC, and DAI. The remaining 10% was retained by the attacker as a bounty. All returned assets have been successfully transferred back to KiloEx's multi-sig wallet, ensuring the safety and integrity of the platform's funds.

Following the incident, KiloEx has taken immediate action to address the vulnerability. The platform has completed the necessary fixes to its smart contracts, ensuring that the execute method is properly overridden to prevent similar attacks in the future. Operations have since resumed, with KiloEx continuing to provide its services to users with enhanced security measures in place.
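
The root cause and the fix described above reduce to one checkable property: a contract that inherits MinimalForwarderUpgradeable should declare its own execute. The Python lint below is an added example, not code from KiloEx or OpenZeppelin; the Solidity sample, the contract names GuardedForwarder and Vault, and all function names in the script are constructed for illustration.

```python
import re

# Constructed Solidity sample (not KiloEx's code): one forwarder that inherits
# execute unchanged, one that redeclares it, and one unrelated contract.
SAMPLE = '''
contract TrustedForwarder is MinimalForwarderUpgradeable {
    function initialize() public initializer {}
}
contract GuardedForwarder is Initializable, MinimalForwarderUpgradeable {
    function execute(ForwardRequest calldata req, bytes calldata signature)
        public payable override returns (bool, bytes memory)
    { /* caller checks would go here */ return super.execute(req, signature); }
}
contract Vault is OwnableUpgradeable { function execute() external {} }
'''

BASE = "MinimalForwarderUpgradeable"
HEADER = re.compile(r"\bcontract\s+(\w+)\s+is\s+([^{]+)\{")
EXECUTE = re.compile(r"\bfunction\s+execute\s*\(")

def strip_comments(src):
    """Drop block and line comments so commented-out code is not counted."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def contract_body(src, open_idx):
    """Return the text between the brace at open_idx and its matching close."""
    depth = 0
    for i in range(open_idx, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[open_idx + 1:i]
    return src[open_idx + 1:]  # unbalanced source: scan to the end

def forwarders_missing_execute(src, base=BASE):
    """Names of contracts that list `base` as a parent but declare no execute."""
    src = strip_comments(src)
    findings = []
    for m in HEADER.finditer(src):
        parents = [p.strip().split("(")[0] for p in m.group(2).split(",")]
        if base in parents and not EXECUTE.search(contract_body(src, m.end() - 1)):
            findings.append(m.group(1))
    return findings

if __name__ == "__main__":
    print(forwarders_missing_execute(SAMPLE))
```

The lint only sees direct inheritance in a single source string and only reports a missing declaration; an override that is present still needs manual review of what it restricts.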

This incident serves as a stark reminder of the importance of thorough smart contract audits and the need for continuous vigilance in the DeFi space. The ability of the attacker to exploit a missing function override underscores the critical role that proper contract design and implementation play in safeguarding digital assets. As the DeFi ecosystem continues to evolve, platforms like KiloEx must remain proactive in identifying and mitigating potential vulnerabilities to protect user funds and maintain trust in the system.
