Attacker gained admin access six days before attack.
\nBorrowed $2.64 million after minting fake collateral tokens.
\nHacken urges real-time AI monitoring for DeFi wallet security.<\/p>\n
The decentralised finance sector has once again been shaken by a major exploit\u2014this time targeting CrediX<\/a>.<\/p>\n The project reportedly lost $4.5 million following an attack enabled by a private key compromise and governance access flaws.<\/p>\n The attacker bridged funds across networks, exploited administrative access, and drained the CrediX Pool using minted collateral tokens.<\/p>\n The incident has added to mounting concerns over the security of multisig wallets, which have accounted for most of the $3.1 billion in crypto losses so far in 2025.<\/p>\n CrediX has since taken its website offline to prevent further deposits.<\/p>\n Blockchain security firm CertiK confirmed that the stolen funds were transferred from the Sonic network to Ethereum.<\/p>\n Web3 security platform Cyvers Alerts<\/a> flagged multiple suspicious transactions on Sonic, tracing one address funded via Tornado Cash on Ethereum.<\/p>\n This address bridged funds to Sonic and borrowed approximately $2.64 million from CrediX.<\/p>\n These funds were likely extracted using collateral tokens that the attacker minted after gaining backdoor access.<\/p>\n According to SlowMist<\/a>, an on-chain security provider, the attacker was granted Admin and Bridge roles within the CrediX Multisig Wallet six days prior to the exploit.<\/p>\n These roles were assigned using the protocol\u2019s ACLManager.<\/p>\n With Bridge-level access, the attacker was able to mint collateral tokens through the CrediX Pool<\/a>, which were then used to borrow assets and ultimately drain the protocol.<\/p>\n This type of exploit underlines a critical risk in decentralised governance models, particularly around role-based access control.<\/p>\n Inadequate oversight in assigning privileges, especially in multisig environments, leaves DeFi protocols highly exposed to internal or external compromise.<\/p>\n The CrediX incident is part of a broader trend this year.<\/p>\n A report<\/a> by security firm Hacken states that $3.1 billion in crypto was lost in the first half of 2025, with the majority of cases involving multisig wallets.<\/p>\n These wallets were often breached through social engineering tactics, fake interfaces, or misconfigured signer setups.<\/p>\n The largest known attack this year remains the $1.46 billion Bybit exploit, where attackers deceived multisig signers using a spoofed interface.<\/p>\n In response to the growing frequency of such incidents, Hacken has recommended moving away from traditional one-time security audits.<\/p>\n Instead, the firm advocates for real-time, AI-based security systems that monitor multisig activity and flag abnormal behaviour instantly.<\/p>\n According to Hacken, more than 80% of crypto losses this year stemmed from access control failures.<\/p>\n The firm urges platforms to implement stricter signer training, enforce tighter rule-based automation, and treat interfaces and signers as integral to system security.<\/p>\n Meanwhile, CrediX has said it aims to recover the stolen funds within 24\u201348 hours, though no further details have been provided at this time.<\/p>\n The post CrediX hack adds to $3.1 billion DeFi losses in 2025 as multisig failures surge<\/a> appeared first on CoinJournal<\/a>.<\/p>","protected":false},"excerpt":{"rendered":" Attacker gained admin access six days before attack. Borrowed $2.64 million after minting fake collateral tokens. Hacken urges real-time AI monitoring for DeFi wallet security. The decentralised finance sector has once again been shaken by a major exploit\u2014this time targeting CrediX. The project reportedly lost $4.5 million following an attack enabled by a private key […]<\/p>\n","protected":false},"author":0,"featured_media":4458,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[100],"tags":[],"class_list":{"0":"post-4457","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-ethereum"},"acf":[],"_links":{"self":[{"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/posts\/4457","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/comments?post=4457"}],"version-history":[{"count":0,"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/posts\/4457\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/media\/4458"}],"wp:attachment":[{"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/media?parent=4457"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/categories?post=4457"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digkrypton.com\/index.php\/wp-json\/wp\/v2\/tags?post=4457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Funds bridged from Sonic to Ethereum as platform taken offline<\/h2>\n
Admin access and bridge rights enabled token minting exploit<\/h2>\n
Multisig wallets linked to most 2025 crypto losses<\/h2>\n
Real-time threat detection now a priority, says Hacken<\/h2>\n