The team behind CrediX Finance has fallen silent after a $4.5 million hack, with the protocol’s website, X account, and Telegram chat taken down since Aug. 4. Blockchain security company CertiK says the episode has all the apparent hallmarks of an exit scam in which developers take off with users’ funds.
The attack was due to a compromised admin wallet that led to bridge exploitation, allowing the hacker to mint unbacked tokens and drain liquidity pools. Stolen funds were bridged from Sonic to Ethereum and diversified in multiple wallets.
Initially, CrediX notified users that it had reached an agreement with the exploiter to reimburse the amount within 24-48 hours in exchange for a payment from its treasury fund, promising complete refunds via an airdrop.
However, the platform has now completely removed its online presence, including Telegram, and provided no updates subsequently.
SlowMist reported that attackers gained access to CrediX’s multisig admin and bridge wallets six days prior to the exploit. This privilege allowed them to mint tokens as collateral and drain liquidity from the platform.
Stability DAO claims it has traced two CrediX team members through KYC information and is drafting a legal report. It is working with other impacted projects like Sonic Labs, Euler, Beets, and Trevee, and authorities to get back funds.
The vanishing is part of a dark year for crypto investors, with $2.5 billion stolen from hacks and scams during the first half of 2025.
