Decentralized exchange (DEX) KiloEx said it will compensate traders and stakers hurt by a $7.5 million exploit that temporarily shut down the platform earlier in April.

In an April 24 announcement, KiloEx said traders who had positions open while the platform was suspended would get full compensation if their losses increased or profits decreased. The platform said it would pay the difference. 

KiloEx urged traders to close their positions immediately once the platform resumes operations, as delaying could affect their profit and losses, which may then impact the compensation amount.

“Please close your position as soon as possible after the platform resumes. Compensation will be calculated based on the platform’s resume time,” KiloEx stated. 

Source: KiloEx

Stakers’ principal and earnings remain unaffected

For the platform’s Hybrid Vault stakers, KiloEx said that the stolen funds were fully reinjected into the vault. As a result, staker earnings and principal will remain unaffected. However, KiloEx said it will still provide an additional 10% annual percentage yield (APY) as a bonus for eligible stakers.

The bonus APY will be awarded to users who had funds in the vault prior to the platform’s resumption.

On April 15, KiloEx offered a 10% bounty to the hacker who stole the funds from the platform. The DEX said that the hacker could keep $750,000 as a white hat bounty if they decided to return 90% of the stolen funds. The platform threatened to expose the hacker’s identity and take legal action if they did not comply. 

Shortly after, security platforms flagged transactions indicating that the KiloEx hacker returned the stolen funds. On April 18, the DEX said it would withdraw all legal action against the hacker and reward them with a 10% white hat bounty. 

Related: Mantra OM token crash exposes ‘critical’ liquidity issues in crypto

KiloEx hacker exploited a price oracle vulnerability

On April 14, KiloEx suspended its platform after containing the exploit that led to the $7.5 million in losses. Security firm PeckShield said the attacker likely exploited a price oracle vulnerability that allowed them to inflate the prices to gain more profit than they should have. 

In a post-mortem published by KiloEx, the platform confirmed that the attacker exploited a permissionless function. The DEX said the attacker crafted a request that only authorized entities should have been able to do. 

Using this, the attacker opened a position at an “artificially low price.” This was followed by closing the position at a higher price, providing illegitimate profit to the attacker. 

Magazine: Ethereum maxis should become ‘assholes’ to win TradFi tokenization race

Fintech giant Revolut has reported a record-breaking year, doubling its pre-tax profits to 1 billion British pounds ($1.3 billion) in 2024, driven by rapid customer growth and a resurgence in cryptocurrency trading.

According to its annual report published on Thursday, April 24, Revolut’s profits soared from 438 million pounds in 2023, while revenues jumped to 3.1 billion pounds from 1.8 billion pounds.

A key contributor to Revolut’s strong performance was its wealth division, which includes stock and digital asset trading. The segment generated 506 million pounds in revenue — nearly four times higher than in 2023 — as crypto trading activity rebounded.

Revolut’s increasing profit. Source: Revolut

Revolut added nearly 15 million new users in 2024, pushing its total customer base past 50 million. This expansion boosted revenues from card payment fees and interest on deposits — the fintech’s two largest income streams.

“2024 was another landmark year for Revolut, with continued growth across all key business areas,” founder and CEO Nik Storonsky said in the report.

Related: Pyth partners with Revolut for real-time digital asset data

Revolut receives long-awaited UK banking license

Storonsky noted that the company managed to obtain its long-awaited UK banking license in 2024, which was secured in July after a three-year regulatory process.

The license paves the way for Revolut to expand its lending services, including credit cards, buy-now-pay-later products and potentially mortgages, which the company has confirmed are currently in testing.

“We received a UK banking license (with restrictions), paving the way for future product enhancements in our home market,” Storonsky said.

In May 2024, Revolut introduced Revolut X, a dedicated desktop crypto exchange targeting experienced traders. The platform offers trading for 100 tokens with low fees and real-time on/off-ramp capabilities, with plans to expand to mobile in 2025.

Later in November, Revolut expanded its crypto exchange in Europe, rolling out Revolut X in 30 new markets across the European Economic Area (EEA), including Belgium, Cyprus, Denmark and others.

Revolut launches new products. Source: Revolut.

During the year, Revolut also continued to expand its digital asset services, offering customers access to cryptocurrencies alongside other investment options like stocks, ETFs, bonds, and commodities within its app ecosystem, per the annual report.

Related: Revolut and Ledger wallet enable new crypto rails in EEA

Revolut struggles to attract banking customers

Despite its growth, Revolut faces challenges in converting users of its popular app into primary banking customers.

Growing deposit volumes remain critical for funding future lending operations and competing with established retail banks. In 2024, total customer balances rose from 18 billion pounds ($23.9 billion) to 30 billion pounds ($39.8 billion).

Revolut is also focusing on expanding its premium subscription base, with revenue from paid plans climbing 74% year-on-year to 423 million pounds, per the report.

Additionally, its business services arm now accounts for 15% of total revenues, reflecting efforts to diversify income streams beyond retail banking.

Looking ahead, Storonsky said Revolut intends to reach 100 million daily active users across 100 countries.

Magazine: Ethereum maxis should become ‘assholes’ to win TradFi tokenization race

US federal prosecutors have filed statements from hundreds of victims in their case against Alex Mashinsky, the founder and former CEO of the defunct crypto lender Celsius Network.

The recently sworn-in interim US Attorney for Manhattan, Jay Clayton, said in an April 23 letter to a Manhattan federal court that he was sharing “more than 200 victim impact statements” collected by his office.

The statements span 418 pages of Celsius users, some named and some only using their initials, detailing the impact that the collapse of the firm had on their lives and how much money they had lost as a result.

Some of the statements detailed victims who said they entrusted their life savings to Celsius, believing Mashinsky’s assurances that the platform was safe.

Others wrote they were dismayed at the amount returned to them as a result of the company’s bankruptcy proceedings, which many said was less than the amount they put into the platform.

An excerpt of a statement by Jesse Gaarenstroom detailing their losses and dissatisfaction with the repayments made to Celsius creditors. Source: CourtListener

Before it collapsed, Celsius Network allowed users to deposit crypto to earn yield and offered loans with crypto posted as collateral. It blocked withdrawals in mid-2022 amid a massive crypto market crash and filed for bankruptcy in July that year.

The Justice Department hit Mashinsky with seven charges a year later in July 2023, but he took a plea deal and copped to a count each of commodities and securities fraud in December, which carry a maximum sentence of 30 years in prison if served consecutively.

Some seek leniency for Mashinsky

A large number of the statements reviewed by Cointelegraph called for Mashinsky to be imprisoned under the maximum allowable sentence, but at least two called for the court to go easy on the admitted fraudster.

Related: US prosecutors to pursue ex-SafeMoon CEO case despite DOJ memo

One statement, written by a person identifying themselves as “Mike,” said further punishing Mashinsky would be “unreasonably excessive” as he claimed, without evidence, that the Celsius founder “was the target of a coordinated attack” by Sam Bankman-Fried, a convicted fraudster and former CEO of the collapsed crypto exchange FTX.

Another statement written by Artur Abreu said that Mashinsky should be given leniency as he’s shown remorse, and macroeconomic factors at the time majorly contributed to Celsius’ collapse.

Mashinsky, whose sentencing is set for May 8, argued in an April 17 sentencing brief that he should not be sentenced to more than a year and one day in prison, or 366 days, as he had “genuinely good intentions, and a previously spotless track record.”

The government’s sentencing brief is due on April 24.

Magazine: Inner City Press says ‘less flashy’ Mashinsky set for less jail time than SBF: X Hall of Flame