- Attacker gained admin access six days before attack.
- Borrowed $2.64 million after minting fake collateral tokens.
- Hacken urges real-time AI monitoring for DeFi wallet security.
The decentralised finance sector has once again been shaken by a major exploit—this time targeting CrediX.
The project reportedly lost $4.5 million following an attack enabled by a private key compromise and governance access flaws.
The attacker bridged funds across networks, exploited administrative access, and drained the CrediX Pool using minted collateral tokens.
The incident has added to mounting concerns over the security of multisig wallets, which have accounted for most of the $3.1 billion in crypto losses so far in 2025.
Funds bridged from Sonic to Ethereum as platform taken offline
CrediX has since taken its website offline to prevent further deposits.
Blockchain security firm CertiK confirmed that the stolen funds were transferred from the Sonic network to Ethereum.
Web3 security platform Cyvers Alerts flagged multiple suspicious transactions on Sonic, tracing one address funded via Tornado Cash on Ethereum.
This address bridged funds to Sonic and borrowed approximately $2.64 million from CrediX.
These funds were likely extracted using collateral tokens that the attacker minted after gaining backdoor access.
Admin access and bridge rights enabled token minting exploit
According to SlowMist, an on-chain security provider, the attacker was granted Admin and Bridge roles within the CrediX Multisig Wallet six days prior to the exploit.
These roles were assigned using the protocol’s ACLManager.
With Bridge-level access, the attacker was able to mint collateral tokens through the CrediX Pool, which were then used to borrow assets and ultimately drain the protocol.
This type of exploit underlines a critical risk in decentralised governance models, particularly around role-based access control.
Inadequate oversight in assigning privileges, especially in multisig environments, leaves DeFi protocols highly exposed to internal or external compromise.
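As an added example (not from the article, CrediX, or any of the firms quoted), the sketch below shows the kind of check that would surface such a grant during the six-day window: it flags privileged role grants to addresses outside a change-controlled allowlist and reports how long the grant stood before the first mint. The event shape, role labels, addresses and allowlist are constructed assumptions, not CrediX's actual contract interface.

```python
from collections import namedtuple

# Constructed event shape, modelled on an AccessControl-style role log.
# Role labels, addresses and the allowlist are assumptions for illustration.
Event = namedtuple("Event", "day kind account role")

SENSITIVE_ROLES = {"ADMIN", "BRIDGE"}
APPROVED = {"0xGovernanceMultisig", "0xBridgeAdapter"}  # change-controlled list

def review(events):
    """Return alerts for unapproved privileged grants and mints that follow them."""
    alerts = []
    open_grants = {}  # (account, role) -> day the unapproved grant was seen
    for ev in sorted(events, key=lambda e: e.day):
        key = (ev.account, ev.role)
        if ev.kind == "RoleGranted" and ev.role in SENSITIVE_ROLES:
            if ev.account not in APPROVED:
                open_grants[key] = ev.day
                alerts.append(("UNAPPROVED_GRANT", ev.account, ev.role, ev.day))
        elif ev.kind == "RoleRevoked":
            open_grants.pop(key, None)  # a revoked grant no longer counts
        elif ev.kind == "Mint":
            # In this model, minting is the capability tied to the BRIDGE role.
            granted_on = open_grants.get((ev.account, "BRIDGE"))
            if granted_on is not None:
                dwell = ev.day - granted_on  # days the grant went unaddressed
                alerts.append(
                    ("MINT_AFTER_UNAPPROVED_GRANT", ev.account, "BRIDGE", dwell)
                )
    return alerts

# Constructed timeline: grant on day 0, mint on day 6, as in the reported sequence.
SAMPLE = [
    Event(0, "RoleGranted", "0xBridgeAdapter", "BRIDGE"),  # expected holder
    Event(0, "RoleGranted", "0xUnknownEOA", "ADMIN"),
    Event(0, "RoleGranted", "0xUnknownEOA", "BRIDGE"),
    Event(2, "RoleGranted", "0xTempOps", "BRIDGE"),
    Event(3, "RoleRevoked", "0xTempOps", "BRIDGE"),
    Event(5, "Mint", "0xTempOps", None),                   # grant already revoked
    Event(6, "Mint", "0xUnknownEOA", None),
]

if __name__ == "__main__":
    for alert in review(SAMPLE):
        print(alert)
```

The first alert fires on day 0, at grant time, which is the point where a revocation would have prevented the later mint.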
Multisig wallets linked to most 2025 crypto losses
The CrediX incident is part of a broader trend this year.
A report by security firm Hacken states that $3.1 billion in crypto was lost in the…