In a significant turn of events, KiloEx has confirmed the full recovery of the $7.4 million stolen during a sophisticated cross-chain exploit earlier this week. The platform, which operates as a decentralized perpetuals exchange backed by YZi Labs, was initially breached on April 15 in an attack that spanned Base, opBNB, and BNB Chain networks.

The first signs of progress emerged on April 18, when blockchain security firm PeckShield reported that $1.4 million worth of USDT linked to the hack had been returned. Today, KiloEx announced that the entirety of the stolen assets has now been successfully restored, effectively leaving no users affected by the breach.

“This outcome underscores our commitment to protecting user assets and fostering a secure ecosystem,” the team stated in an official update.

Legal Case Closure in Motion

According to KiloEx, the legal process to formally close the case is currently underway, with coordination from judicial authorities, the company’s legal team, and external cybersecurity experts. Special acknowledgment was given to SlowMist and @blitezero, both of whom provided vital support throughout the investigation thanks to their extensive experience in blockchain forensics.

The firm reiterated its commitment to resolving the incident with fairness and transparency, fulfilling its initial pledge to users.

White Hat Reward to Be Honored

As part of the agreement, KiloEx will award a 10% white hat bounty—amounting to $740,000—to the individual responsible for returning the funds. While the attack initially caused alarm, the final resolution appears to position the hacker in a white hat role, contributing valuable security insights that the platform claims will help fortify its infrastructure.

“We prioritize long-term collaboration with the ethical security community and view this resolution as a cornerstone for mutual trust,” the company said.

What’s Next for KiloEx?

The KiloEx team has also outlined its next steps:

Legal withdrawal processes are now being executed, with updates to be shared publicly via X (formerly Twitter).

The company confirmed that no further legal action will be pursued, framing the situation as resolved in good faith.

Previously, the breach was attributed to a price oracle vulnerability that allowed the attacker to manipulate ETH/USD values and drain liquidity across three chains. The incident had prompted a 72-hour ultimatum from KiloEx and sparked an investigation in collaboration with authorities in Hong Kong.

With trading services now in the process of being restored and a user compensation framework nearly complete, KiloEx is turning the page on what could have been a catastrophic loss.

This recovery not only marks one of the more positive resolutions to a major DeFi exploit in recent months but also signals the importance of transparent communications and proactive legal engagement in handling such events.