{"id":6714,"date":"2025-08-04T16:34:57","date_gmt":"2025-08-04T16:34:57","guid":{"rendered":"https:\/\/bitunikey.com\/news\/credix-finance-hacked-for-4-5m-via-governance-flaw\/"},"modified":"2025-08-04T16:34:58","modified_gmt":"2025-08-04T16:34:58","slug":"credix-finance-hacked-for-4-5m-via-governance-flaw","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/credix-finance-hacked-for-4-5m-via-governance-flaw\/","title":{"rendered":"CrediX Finance hacked for $4.5m via governance flaw"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">CrediX Finance went offline after hackers used a multisig admin exploit to drain $4.5 million from the protocol.<\/p>\n<div id=\"cn-block-summary-block_505b685ac752b631a3f5b5d122d5ed91\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>CrediX Finance went offline after a $4.5M hack<\/li>\n<li>Attackers used a vulnerability in its admin account<\/li>\n<li>The protocol launched just one month ago<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>Security remains a key concern for DeFi projects, particularly those with centralized ownership and control. 
On Monday, August 4, less than a month after its launch, CrediX Finance went offline following a $4.5 million exploit.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">\ud83d\udea8SlowMist TI Alert\ud83d\udea8<\/p>\n<p>MistEye detected that <a href=\"https:\/\/twitter.com\/CrediX_fi?ref_src=twsrc%5Etfw\">@CrediX_fi<\/a> has been exploited.<\/p>\n<p>The CrediX Multisig Wallet, 6 days ago, added an attacker as both Admin and Bridge via ACLManager.<a href=\"https:\/\/t.co\/E6tbBEI76M\">https:\/\/t.co\/E6tbBEI76M<\/a><\/p>\n<p>This enabled the attacker, acting in the Bridge role, to directly mint\u2026 <a href=\"https:\/\/t.co\/GiXswzNZqS\">https:\/\/t.co\/GiXswzNZqS<\/a> <a href=\"https:\/\/t.co\/jJjYR1eyET\">pic.twitter.com\/jJjYR1eyET<\/a><\/p>\n<p>&mdash; SlowMist (@SlowMist_Team) <a href=\"https:\/\/twitter.com\/SlowMist_Team\/status\/1952312873822396712?ref_src=twsrc%5Etfw\">August 4, 2025<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<\/figure>\n<p>According to blockchain security firm SlowMist, the attackers gained access to the protocol\u2019s multisig admin and bridge wallets six days before the incident. With this access, they acted as a bridge and minted collateral tokens.<\/p>\n<p>These tokens were then used to borrow large amounts of crypto, quickly draining CrediX Finance\u2019s liquidity pool. Security firm CertiK confirmed the protocol lost approximately $4.5 million. The attackers bridged the stolen funds from Sonic (S) to Ethereum (ETH).<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\">How the CrediX Finance hack happened<\/h2>\n<p>CrediX Finance launched in July 2025 as a real-world asset lending protocol. 
It allowed borrowers to receive loans backed by off-chain income and collateral provided by DeFi lenders.<\/p>\n<p>This incident is one of several recent DeFi-related exploits. According to CertiK, $153 million was lost to various crypto exploits and scams in July alone. Of this, exchange-related incidents accounted for $86.6 million, while code vulnerabilities caused $55.4 million in losses.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/CertiKStatsAlert?src=hash&amp;ref_src=twsrc%5Etfw\">#CertiKStatsAlert<\/a> \ud83d\udea8 <\/p>\n<p>Combining all the incidents in July we\u2019ve confirmed ~$153M lost to exploits and scams.   <\/p>\n<p>~$86.6M is attributed to incidents involving exchanges. <\/p>\n<p>Incidents related to code vulnerabilities represent ~$55.4M losses.<\/p>\n<p>More details below \ud83d\udc47 <a href=\"https:\/\/t.co\/1EsEFmZa1f\">pic.twitter.com\/1EsEFmZa1f<\/a><\/p>\n<p>&mdash; CertiK Alert (@CertiKAlert) <a href=\"https:\/\/twitter.com\/CertiKAlert\/status\/1951598860486234489?ref_src=twsrc%5Etfw\">August 2, 2025<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<\/figure>\n<p>    <!-- .cn-block-related-link --><\/p>\n<p>Despite the \u201cdecentralized\u201d label, many DeFi protocols retain elements of centralization. Multisig admin wallets often have the ability to pause contracts, change protocol parameters, or mint new tokens.<\/p>\n<p>For some projects, this is important in the early stage, as the protocol is developing. However, this also enables attackers to exploit these protocols if they are able to gain access to admin accounts. 
<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>CrediX Finance went offline after hackers used a multisig admin exploit to drain $4.5 million from the protocol. Summary CrediX Finance went offline after a $4.5M hack Attackers used a&hellip;<\/p>\n","protected":false},"author":1,"featured_media":1981,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-6714","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/6714","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=6714"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/6714\/revisions"}],"predecessor-version":[{"id":6715,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/6714\/revisions\/6715"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/1981"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=6714"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=6714"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=6714"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}