CrediX, a money market abstraction infrastructure protocol, has successfully recovered the $4.5 million in digital assets stolen during a recent exploit, offering hope to users impacted by the breach.
The incident occurred on Monday when a security breach led to the unauthorized transfer of over $4.5 million in assets to the Ethereum network via a wallet funded through Tornado Cash, according to blockchain security firm Cyvers.
In a surprising turn, CrediX announced that it had reached a private settlement with the attacker. As part of the agreement, the exploiter returned the stolen funds in exchange for an undisclosed payment from the CrediX treasury. “Reached successful parley with the exploiter who agreed to return the funds within the next 24-48 hours in return for money fully paid by the CrediX treasury,” the protocol stated on X.
CrediX also confirmed plans to distribute the recovered funds to all affected user addresses via an airdrop within the next 48 hours.
Cryptocurrency hacks have seen a sharp rise in 2025, yet a growing number of attackers are opting to return stolen assets in exchange for negotiated settlements or white hat bounties. On July 11, an exploiter who stole $40 million in the GMX hack returned the funds after accepting a $5 million white hat bounty offered by the project team.
Similarly, in May 2024, a scammer behind a $71 million wallet poisoning attack returned the stolen funds, reportedly yielding to increasing pressure from global blockchain investigators.
The decision to return the assets followed an analysis by on-chain security firm SlowMist, which linked the attacker to possible IP addresses based in Hong Kong—raising concerns about potential legal consequences.
Crypto Exploits Top $2.5 Billion in 2025
Highlighting the increasing urgency for stronger cybersecurity measures, cryptocurrency hacks, exploits, and scams reached $2.47 billion in losses during the first half of 2025. According to a June 30 report by CertiK, Q2 alone saw over $800 million lost across 144 incidents — a 52% drop compared to Q1.
According to a report by on-chain security firm Immunefi, nearly 80% of cryptocurrencies never recover their market value after a hack or exploit—a devaluation that often inflicts more lasting damage than the incident itself.
But it’s not just the crypto sector under threat. Traditional banking infrastructure is also being targeted. On July 5, C&M Software—the service provider linking Brazil’s Central Bank to local banks and financial institutions—was hacked for $140 million across six affiliated institutions, Cointelegraph reported.
Local media revealed that the breach was made possible when a C&M employee allegedly sold their login credentials to the attacker for just $2,700, granting unauthorized access to the banking system and its reserve accounts.
