Credix Loses $2.64 Million After Multisig Wallet Exploit

Generated by AI AgentCoin World
Monday, Aug 4, 2025 3:16 pm ET1min read
Aime RobotAime Summary

- Credix, a DeFi protocol, lost $2.64M after a multisig wallet exploit, reported by Cyvers and SlowMist.

- Attackers gained high-level permissions via ACLManager, minting unbacked tokens to drain liquidity pools.

- Stolen funds were moved to Ethereum and obscured using Tornado Cash, complicating recovery efforts.

- Credix temporarily shut down, assuring fund accessibility but facing user skepticism over recovery timelines.

- The incident underscores DeFi’s governance risks, urging tighter multisig controls and transparency.

Credix, a decentralized finance (DeFi) protocol, recently suffered a major security breach, with approximately $2.64 million in assets being drained from its smart contracts within a short period. The exploit, first reported by blockchain monitoring platforms Cyvers Alerts and SlowMist, triggered immediate concern across the DeFi community and caused the platform to shut down temporarily to prevent further losses[1].

According to analysis by cybersecurity firm SlowMist, the attacker gained access to the Credix Multisig Wallet six days prior to the theft, when both the admin and bridge controller privileges were added to the account through the ACLManager. This allowed the hacker to mint unbacked collateral tokens and use them to siphon liquidity from the pools[1]. PeckShield also reported that the compromised address had multiple high-level permissions, including POOL_ADMIN, BRIDGE, ASSET_LISTING_ADMIN, EMERGENCY_ADMIN, and RISK_ADMIN, effectively giving the attacker full control over the protocol’s critical functions[1].

Once the attacker had the necessary permissions, they used the platform’s own smart contracts to mint and withdraw large sums of funds. The stolen cryptocurrency was quickly moved from the Sonic Network to the Ethereum blockchain, where it was funneled through privacy tools like Tornado Cash to obscure the trail. Such tactics make it extremely difficult for investigators to trace and recover the funds[1].

Credix’s official X account confirmed the breach and stated that the team was on high alert. While the protocol assured users that funds stored in smart contracts remained accessible, the sudden site shutdown and lack of immediate recovery options have left many investors in a state of uncertainty. Credix claimed that all funds should be recoverable within 24–48 hours, but skepticism remains among users[1].

This incident raises broader concerns about the governance and security structures of DeFi protocols, particularly the risks associated with over-concentrated administrative permissions. The misuse of a single address with multiple high-level roles highlights a critical vulnerability in the system, which attackers exploited with precision. Experts have since called for tighter controls and greater transparency in multisig wallet management to prevent similar incidents.

The Credix breach serves as a stark reminder of the challenges facing the DeFi space. As regulators and security analysts take a closer look at the event, the outcome could influence future protocol design and governance practices in the sector.

---

Source: [1] [How Did $2.64 Million Just Disappear from Credix’s DeFi Vault?](https://www.livebitcoinnews.com/how-did-2-64-million-just-disappear-from-credixs-defi-vault/)

Comments



Add a public comment...
No comments

No comments yet