CrediX Hit by $4.5M Hack, Attacker Bridges Funds to Ethereum
The DeFi project CrediX has reportedly been hacked, with losses estimated at $4.5 million. The incident appears to be the result of a private key compromise, which allowed the attacker to gain unauthorized access to the system.
Credix seems to have had a security breach. We are investigating and will share details soon
— CrediX (@CrediX_fi) August 4, 2025
CrediX Hit By Cross-Network Exploit
As a safety step, CrediX has taken its website offline to block new user deposits. Security firm CertiK reported that the stolen funds were moved from the Sonic network to Ethereum. So far, the attacker’s wallet still holds the stolen assets, and there has been no further movement.
Cyvers Alerts, a Web3 security firm, also flagged multiple suspicious transactions on the Sonic network involving CrediX. According to them, an address funded via Tornado Cash on Ethereum bridged funds to Sonic, then borrowed around $2.64 million from CrediX.
🚨ALERT🚨Our system has detected multiple suspicious transactions on the #Sonic network involving @CrediX_fi.
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) August 4, 2025
An address funded by @TornadoCash on the #ETH network bridged funds to the #Sonic network and borrowed approximately 2.64M from @CrediX_fi.
Most of these funds have… pic.twitter.com/vK2y21Vhu9
Access Flaw Lets Attacker Drain CrediX Pool
On-chain security firm SlowMist notes that six days before the exploit was detected, the attacker was added as both Admin and Bridge to the CrediX Multisig Wallet using the ACLManager. With Bridge-level privileges, the attacker gained direct access to mint collateral tokens through the CrediX Pool.
Using the freshly minted tokens, they were able to borrow a large amount of assets from the protocol, ultimately draining the pool. This shows how risky it can get when access and roles are not properly managed in a multisig setup, and highlights how critical governance security is in DeFi systems.
All users funds will be recovered in full within 24-48 hours
— CrediX (@CrediX_fi) August 4, 2025
CrediX has assured the users that all funds will be fully recovered within 24–48 hours.
According to a report from Hacken, crypto losses hit $3.1 billion in the first half of 2025, and most of it came from multisig wallet failures. These wallets were often exploited through fake interfaces and poor signer management.
The most damaging attack was the $1.46B Bybit hack, where signers were tricked by a spoofed UI.
Hacken Urges Real-Time Multisig Security
More than 80% of all crypto losses this year were caused by access control failures. Hacken now recommends that projects move away from one-time audits and adopt real-time, AI-driven security systems. These tools can track multisig wallet activity, detect abnormal behavior, and provide faster response times.
Hacken also advises that teams treat signers and user interfaces as key elements of the security system, not just technical features. Improved training, stricter automation, and tighter rules are necessary if DeFi platforms want to avoid similar attacks in the future.
FAQs
The CrediX hack was caused by a private key compromise, allowing the attacker admin and bridge access to drain the pool.
Yes. CrediX has assured users that all stolen funds will be recovered within 24–48 hours after the exploit.
Major 2025 hacks include $400M from Coinbase, $220M from Cetus, and millions more from BSC, Phemex, and UPCX exploits.