- CrediX, a decentralized finance protocol, suffered a security breach resulting in a $4.5 million crypto theft.
- The attacker gained access by taking control of an administrative account, then minted unbacked stablecoins.
- Stolen funds were moved from the Sonic blockchain to Ethereum, according to security experts.
- CrediX took its website offline and promised to recover all lost funds within two days.
- Users voiced concerns in the protocol’s official Telegram channel, and the platform’s site remained offline hours after the hack.
A Hacker stole $4.5 million worth of cryptocurrency from the decentralized finance protocol CrediX on Monday. According to blockchain security firm CertiK, the funds remain in the attacker’s possession.
The attacker obtained access to an administrative account that allowed the creation of unbacked stablecoins on the platform, reported by security firm Peckshield. These illegitimate stablecoins were then used to withdraw other crypto assets held as collateral by users. CrediX‘s official website went offline following the breach, and the team stated on X that “all funds will be recovered in full” within two days.
CertiK analysts noted that the stolen assets were “bridged”—transferred—from Sonic, a layer-1 blockchain network, to Ethereum. Peckshield added that the hack allowed the attacker to mint stablecoins without reserves, a process usually restricted to prevent such thefts. Security firm SlowMist further disclosed that the attacker acquired special privileges on CrediX about six days before the exploit.
CrediX describes itself as a platform for managing investments across multiple DeFi protocols, such as Compound and Aave. Last month, the protocol advertised potential lending yields over 10,000% per year on its platform.
In 2022, Gary Gensler, former chair of the U.S. Securities and Exchange Commission, cautioned that unusually high returns in crypto lending could come with major risks, especially after high-profile collapses during the crypto boom.
Sonic, the blockchain used in part of the incident, rebranded from Fantom and launched its mainnet in December. As reported by DeFiLlama, about $437 million in assets are currently used on Sonic-related DeFi projects.CrediX has plans for an airdrop of its upcoming CREDIT token, though it has not yet launched. After the incident, Sonic’s native S token saw a small gain of 1.6% to $0.30, but has dropped 39% in value over the past month. Users are still seeking advice on how to access or withdraw their assets in the wake of the breach.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Chainlink Unveils Data Streams to Power Tokenized U.S. Equities
- Bitfinex’s Plasma Launch Threatens Tron’s USDT Dominance with Zero Fees
- White House Report Sparks Debate on Wholesale CBDC Policy Limits
- ECB Reaffirms Cash Will Remain as Digital Euro Plans Advance
- PlayPraetor Android Malware Hits 11,000 Devices in Global Surge
