CrediX Recovers 4.5M Stolen Crypto Through Private Settlement

Generated by AI AgentCoin World
Tuesday, Aug 5, 2025 11:50 am ET1min read
Aime RobotAime Summary

- CrediX Finance negotiated a private settlement with a hacker, recovering $4.5M stolen funds via treasury payout without legal action.

- Attack exploited multisig admin and bridge wallet vulnerabilities, with stolen assets moved via Sonic bridge to Ethereum.

- 2025 DeFi hacks reached $3.1B in losses, with July alone seeing $153M stolen, highlighting persistent protocol security gaps.

- GMX and others recovered funds through similar bounties, showing growing industry trend of incentivized cyberattack resolutions.

- Despite short-term successes, centralized controls like admin keys remain major attack vectors requiring long-term security upgrades.

CrediX Finance, a DeFi protocol focused on real-world asset lending, has reached a settlement with the hacker responsible for a $4.5 million exploit. The attacker agreed to return the stolen funds within 24–48 hours in exchange for an undisclosed payout from CrediX’s treasury, marking a successful negotiation without any legal action involved [1]. The funds, once returned, will be airdropped to affected users, allowing for the full recovery of their losses [1].

The attack occurred less than a month after CrediX’s launch and involved unauthorized access to the protocol’s multisig admin and bridge wallets. Security firm SlowMist noted that hackers began their intrusion nearly a week prior to the theft, exploiting access to mint collateral tokens and drain liquidity from the platform [1]. The stolen assets were moved via the Sonic bridge to the Ethereum network, according to blockchain security company Cyvers [1].

This incident adds to a troubling trend of DeFi exploits in 2025. In July alone, more than $153 million was lost to hacks and scams, pushing the year’s total losses above $3.1 billion [1]. Other protocols, such as GMX, have also seen successful recoveries through negotiated settlements. For instance, the GMX hacker returned $42 million after being offered a 10% bounty [1]. These cases reflect a broader pattern where attackers return stolen funds to avoid legal or reputational risks.

Despite these successes, underlying vulnerabilities in DeFi protocols remain a major concern. Many projects still rely on centralized controls such as admin keys and emergency pause functions, which hackers frequently target. This suggests that while short-term recovery strategies are improving, long-term security improvements are essential to prevent future incidents [1].

Onchain security firm CertiK reported that total losses from hacks and scams in the first half of 2025 reached $2.47 billion, with $800 million lost in the second quarter alone [2]. Meanwhile, Immunefi noted that nearly 80% of crypto projects fail to recover their value after major security breaches, indicating that the reputational damage from hacks can be as severe as the financial loss [2].

CrediX has not yet confirmed receipt of the returned funds, and it remains to be seen whether the hacker follows through on the agreement. However, the protocol’s ability to negotiate a full settlement demonstrates a growing trend in the crypto industry toward cooperative resolution strategies. As DeFi continues to evolve, protocols are increasingly relying on negotiation and incentives to mitigate the impact of cyberattacks, signaling a shift in how the sector addresses security threats.

Sources:

[1] CrediX negotiates crypto recovery: 4.5M hack

https://cointelegraph.com/news/credix-negotiates-crypto-recovery-4-5m-hack?utm_source=rss_feed&utm_medium=rss&utm_campaign=rss_partner_inbound

[2] CertiK report on 2025 crypto hacks and losses

https://www.ainvest.com/news/credix-recovers-4-5m-stolen-crypto-private-settlement-2508/

Comments



Add a public comment...
No comments

No comments yet