The hacker who breached KiloEx returned part of the stolen funds to the exchange.

PeckShield’s blockchain security specialists reported that these funds were sent back to the cryptocurrency address KiloEx. The exchange’s management has given the perpetrator an ultimatum: if he returns the stolen funds within 72 hours, he can keep a reward of 10% of the amount of stolen funds. The exchange team warned that they are actively tracking the hacker’s addresses, so the stolen funds will be frozen.

At first, the hacker did not respond to KiloEx’s appeal, so on April 17, the exchange filed an official statement with the Hong Kong police, involving cybersecurity specialists from SlowMist in the investigation. The company publicly stated that it had provided important information to law enforcement and later promised to publish a full report on the incident. Despite the hacker returning only 90% of the stolen amount, as the exchange suggested, the completed transaction may indicate that the funds could still be returned.

KiloEx has not yet confirmed the receipt of funds and has not reported whether further negotiations with the hacker are ongoing. Currently, KiloEx is working on restoring trading operations and a compensation plan for users. The exchange assured clients that open positions will be settled based on prices before the attack, without forced liquidation.

Three days ago, Cyvers Alerts analysts first reported on the exploit — the cause was identified as a vulnerability in the price oracle, which allowed a hacker to manipulate ETH/USD values and use inflated prices to withdraw funds.