SlowMist Warns of $4.5 Million Loss from DeFi Platform Credix Hack
The security team SlowMist issued a warning today (August 4) on the X platform, indicating that the DeFi platform Credix has been attacked by hackers, resulting in losses of up to $4.5 million.
(Background: Your computer is helping hackers mine Bitcoin! 3,500 websites have been implanted with “mining scripts,” invisibly hijacking users without their awareness.)
(Context: The GMX hacker chose to “act as a white hat” and returned $40.5 million! Received a $4.5 million bounty, $GMX rebounded 16%.)
Another DeFi Protocol Compromised!
According to information disclosed by SlowMist, Credix’s multi-signature wallet added a hacker as both an administrator and a bridge role via ACLManager six days ago (at the end of July). This operation granted the hacker critical permissions, enabling them to directly mint collateral tokens for themselves in the liquidity pool.
Through this method, the hacker quickly borrowed a large amount of assets, nearly depleting Credix’s liquidity pool, resulting in substantial losses.
SlowMist TI Alert
MistEye detected that @CrediX_fi has been exploited. The CrediX Multisig Wallet, 6 days ago, added an attacker as both Admin and Bridge via ACLManager. https://t.co/E6tbBEI76M This enabled the attacker, acting in the Bridge role, to directly mint… https://t.co/GiXswzNZqSpic.twitter.com/jJjYR1eyET
— SlowMist (@SlowMist_Team) August 4, 2025
Suspicious Transactions Detected
Additionally, another security team, Cyvers Alerts, revealed a suspicious lead on the X platform: an address receiving funds from the cryptocurrency mixer Tornado Cash transferred assets to the Solana network and borrowed $2.64 million from the Credix platform before bridging these funds back to Ethereum.
Our system detected multiple suspicious transactions on the Sonic network involving Credix. An address funded by Tornado Cash on the Ethereum network bridged funds to the Sonic network and borrowed approximately $2.64 million from Credix. Most of these funds have been bridged back to the ETH network, and no further movements have been observed.
ALERT Our system has detected multiple suspicious transactions on the #Sonicnetwork involving @CrediX_fi. An address funded by @TornadoCash on the #ETHnetwork bridged funds to the #Sonicnetwork and borrowed approximately 2.64M from @CrediX_fi. Most of these funds have… pic.twitter.com/vK2y21Vhu9
— Cyvers Alerts (@CyversAlerts) August 4, 2025
Official Confirmation of the Hack
In relation to this incident, Credix officially confirmed the hack around 5 PM today via the X platform, stating that emergency measures had been implemented to protect user assets:
The website has been disabled to prevent users from depositing. Please use contracts to withdraw.
— CrediX (@CrediX_fi) August 4, 2025
Furthermore, the official statement continued, promising that all user funds would be fully restored within 24 to 48 hours.
All users’ funds will be recovered in full within 24-48 hours.
— CrediX (@CrediX_fi) August 4, 2025
Related Reports
Why has Binance withstood hackers for eight years?
Brazil’s central bank loses $140 million in reserves to hackers! Illicit funds converted to Bitcoin, hacker costs only $2,760, service providers become a weak point.
Microsoft collaborates with the FBI to combat North Korean hacking fraud! Freezes 3,000 accounts and captures a U.S. “working accomplice.”