bitcoin
Bitcoin (BITCOIN)
$114,000 -0.35%
ethereum
Ethereum (ETHEREUM)
$3,633 1.82%
binancecoin
BNB (BINANCECOIN)
$759.39 0.27%
solana
Solana (SOLANA)
$167.69 2.61%
ripple
XRP (RIPPLE)
$3.04 1.20%
shiba-inu
Shiba Inu (SHIBA-INU)
$0.000012 -0.38%
pepe
Pepe (PEPE)
$0.000011 0.71%
bonk
Bonk (BONK)
$0.000026 -4.84%
bitcoin
Bitcoin (BITCOIN)
$114,000 -0.35%
ethereum
Ethereum (ETHEREUM)
$3,633 1.82%
binancecoin
BNB (BINANCECOIN)
$759.39 0.27%
solana
Solana (SOLANA)
$167.69 2.61%
ripple
XRP (RIPPLE)
$3.04 1.20%
shiba-inu
Shiba Inu (SHIBA-INU)
$0.000012 -0.38%
pepe
Pepe (PEPE)
$0.000011 0.71%
bonk
Bonk (BONK)
$0.000026 -4.84%
bitcoin
Bitcoin (BITCOIN)
$114,000 -0.35%
ethereum
Ethereum (ETHEREUM)
$3,633 1.82%
binancecoin
BNB (BINANCECOIN)
$759.39 0.27%
solana
Solana (SOLANA)
$167.69 2.61%
ripple
XRP (RIPPLE)
$3.04 1.20%
shiba-inu
Shiba Inu (SHIBA-INU)
$0.000012 -0.38%
pepe
Pepe (PEPE)
$0.000011 0.71%
bonk
Bonk (BONK)
$0.000026 -4.84%
Disclosure
Cryptocurrency trading is speculative and your capital is at risk when you trade. We may earn affiliate commissions from some of the products on this page - at no extra cost to you.
CrediX Recovers $4.5M Following Exploit Negotiation

Highlights:

  • CrediX recovers $4.5M through a direct settlement with the attacker.
  • The breach occurred through multi-signature admin access, not smart contract flaws.
  • Stolen funds will be returned to users via an airdrop within 48 hours.

CrediX has recovered $4.5 million of stolen crypto through a direct negotiation with the attacker. The deal follows a huge breach on the Sonic blockchain-based lending platform just a day ago. The recovery resulted from a private settlement in which the attacker agreed to refund the stolen funds. CrediX, in turn, offered an unspecified sum from its treasury. Additionally, the stolen amount will be redistributed within 48 hours.

Advertisement

Banner

CrediX stated:

‘We’ve got some good news for our users. We were able to conclude an amicable dialogue with the attacker, who agreed to return the stolen funds within 24-48 hours.”

The protocol affirmed that it has been able to map the compromised addresses. In addition, users will get their portions precisely through an airdrop with no action required. Following the exploit, the company closed its deposit services to avoid increasing risk and promised users that they would restore their balances.

CrediX has also expressed an apology to the Sonic community, citing the inconvenience and worry that the exploit brought. CrediX was very responsive, with the recovery efforts being started several hours after its discovery of the breach, even though CrediX is a relatively new platform.

Details Emerge on How the CrediX Exploit Unfolded

CrediX became the target of an attack on August 4, 2025, resulting in a loss of $4.5 million in cryptocurrency. This was not a hack through a bug in a smart contract like most DeFi hacks. Rather, the code allowed the attacker to get administrative privileges. Security company SlowMist said the attacker was given multi-signature access to the protocol’s wallet combination six days earlier. Through this access, they had several strong functions, such as being a bridge controller, risk admi,n or emergency admin.

This control allowed the exploiter to mint fake collateral tokens at CrediX’s lending pool. Moreover, the exploiter exchanged such fake assets for real cryptocurrencies. The stolen funds were quickly transferred out of the Sonic network onto Ethereum via wallets that were funded with Tornado Cash.

Later, PeckShield found the primary exploit vehicle to be a wallet with the name ending with “EC662e.” The hacker divided the money among three Ethereum wallets. There are no reports of an effort to withdraw via exchanges. CertiK also noted that the hacker employed deliberate and careful processes and did not exploit vulnerabilities in the system, but exploited the permission system. Consequently, this serves as an indicator of an increasing problem with cryptosecurity: permission-based attacks.

Crypto Hacks Continue as July Losses Cross $140 Million

The CrediX hack is only one of the events included in a series of crypto hacks in 2025. July alone saw 17 individual attacks that totalled to the loss of digital assets worth $142 million. The figure represented a 27% rise in June. The largest loss was incurred by CoinDCX, which had $44.2 million drained on July 18. An employee has since been arrested by police. The GMX followed with a loss of $42 million, but the hacker paid back 40.5 million afterwards. Other notable hacks were those of BigONE, which lost $27 million, and WOO X, in an attack worth $14 million that resulted from phishing. Future Protocol also lost $4.2 million in the same period.

eToro Platform

Best Crypto Exchange

  • Over 90 top cryptos to trade
  • Regulated by top-tier entities
  • User-friendly trading app
  • 30+ million users
9.9

5 Stars

eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.

Advertisement

Banner

Advertisement

Banner

Advertisement

Banner