|
Getting your Trinity Audio player ready...
|
Key Takeaways:
- A hacker exploited Credix’s admin wallet to mint fake tokens and drain $4.5M.
- Funds were moved cross-chain and remain unspent across multiple Ethereum wallets.
- Credix promises full user fund recovery within 48 hours, source of funds undisclosed.
A hacker exploited admin-level access on Credix to mint fake tokens and siphon funds, sparking a fresh wave of concerns over DeFi vulnerabilities.
Hacker Exploits Admin Privileges to Mint Fake Tokens
Decentralized credit marketplace Credix suffered a $4.5 million exploit on Monday, marking yet another blow to decentralized finance (DeFi) security in 2025. According to blockchain analytics firm PeckShield, the attacker gained access to an administrator wallet on the Solana-based platform, using it to exploit the BRIDGE role. This permission allowed them to mint unbacked acUSDC (Sonic USDC) tokens, use them as collateral, and drain liquidity pools.
Today's @CrediX_fi hack is due to compromised admin account 0xF321683831Be16eeD74dfA58b02a37483cEC662e, which has a number of roles, including POOL_ADMIN, BRIDGE, ASSET_LISTING_ADMIN, EMERGENCY_ADMIN, and RISK_ADMIN.
— PeckShield Inc. (@peckshield) August 4, 2025
And the BRIDGE role is abused to drain/borrow pool assets… https://t.co/JGuLmh8zWu pic.twitter.com/0jmAuvtcJv
The hacker then moved the stolen funds cross-chain—from the Sonic network to Ethereum—before dispersing them across new wallets. Web3 security firm CertiK confirmed the exploit, publishing three Ethereum addresses holding the stolen funds, none of which have yet engaged with centralized exchanges.
Credix Responds, Vows Full Fund Recovery
In a series of posts on X, Credix acknowledged the security breach, temporarily disabled its website, and advised users to withdraw funds directly from smart contracts. Notably, the team assured users that “all funds will be recovered in full within 24–48 hours,” though it stopped short of clarifying whether recovery would come via internal treasury reserves, outside capital, or negotiation with the attacker.
Credix’s ability to respond swiftly may prove critical. The Belgium-based protocol, which connects investors with fintechs and non-bank lenders in emerging markets, has raised over $73.7 million across four funding rounds.
DeFi Exploits Remain a Persistent Risk in 2025
This attack adds to growing concerns over administrative privilege risks within DeFi protocols. TRM Labs reports that $2.1 billion has been lost in crypto hacks in the first half of 2025, with DeFi exploits accounting for $252 million—roughly 12% of total losses.
Also Read: How to Use Polygon for Cheap and Fast DeFi Transactions: A Beginner’s Guide
As DeFi matures, platforms like Credix are being urged to implement multi-signature controls, real-time monitoring, and external audits to limit damage from internal access vulnerabilities.
The Credix exploit highlights ongoing security weaknesses in the DeFi ecosystem—particularly around access controls. While the team’s prompt response and pledge to recover user funds offer some reassurance, the breach underscores the critical need for stronger protocol-level safeguards in a sector still vulnerable to manipulation.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
I’m a crypto enthusiast with a background in finance. I’m fascinated by the potential of crypto to disrupt traditional financial systems. I’m always on the lookout for new and innovative projects in the space. I believe that crypto has the potential to create a more equitable and inclusive financial system.
