DeFi platform Credix suffers 4.5 million USD theft! Official website urgently closed: user funds to be restored within 24 hours at the earliest

The security team SlowMist issued a warning on platform X today (4th), indicating that the DeFi platform Credix has suffered a hacker attack, resulting in losses of up to 4.5 million USD. (Background: Your computer is helping hackers mine Bitcoin! 3,500 websites have been implanted with 'mining scripts', invisibly hijacking users without their notice) (Further background: GMX hackers chose to 'act as white hats' and returned 40.5 million USD! Received a 4.5 million USD bounty, $GMX rebounded by 16%) Another DeFi protocol has been hacked! The security team SlowMist issued a warning on platform X today (4th), indicating that the DeFi platform Credix has suffered a hacker attack, resulting in losses of up to 4.5 million USD. According to information disclosed by SlowMist, Credix's multisig wallet added a hacker as an administrator and bridge operator through ACLManager six days ago (end of July), which granted the hacker key permissions to mint collateral tokens directly in the liquidity pool as a bridge operator. In this way, the hacker quickly borrowed a large amount of assets, nearly exhausting Credix's liquidity pool, causing severe losses. SlowMist TI Alert MistEye detected that @CrediX_fi has been exploited. The CrediX Multisig Wallet, 6 days ago, added an attacker as both Admin and Bridge via ACLManager. https://t.co/E6tbBEI76M This enabled the attacker, acting in the Bridge role, to directly mint… https://t.co/GiXswzNZqS pic.twitter.com/jJjYR1eyET — SlowMist (@SlowMist_Team) August 4, 2025 Additionally, another security team Cyvers Alerts also revealed a suspicious lead on platform X: an address receiving funds from the cryptocurrency mixer Tornado Cash transferred assets to the Solana network and borrowed 2.64 million USD from the Credix platform, then bridged those funds back to Ethereum: Our system detected multiple suspicious transactions involving Credix on the Sonic network. An address funded by Tornado Cash on the Ethereum network bridged funds to the Sonic network and borrowed approximately 2.64 million USD from @CrediX_fi. Most of these funds have been bridged back to the ETH network, and no further movements have been observed. ALERTOur system has detected multiple suspicious transactions on the #Sonic network involving @CrediX_fi. An address funded by @TornadoCash on the #ETH network bridged funds to the #Sonic network and borrowed approximately 2.64M from @CrediX_fi. Most of these funds have… pic.twitter.com/vK2y21Vhu9 — Cyvers Alerts (@CyversAlerts) August 4, 2025 Official confirmation of hacking Regarding this incident, Credix's official account confirmed the hacking on platform X around 5 PM today, stating that emergency measures have been taken to protect user assets: The website has been disabled to prevent users from depositing. Please use contracts to withdraw. website has been disabled to prevent users from depositing. Please use contracts to withdraw — CrediX (@CrediX_fi) August 4, 2025 Additionally, the official account later continued to add that all users' funds will be fully recovered within 24 to 48 hours. All users funds will be recovered in full within 24-48 hours — CrediX (@CrediX_fi) August 4, 2025 Related reports Where hackers are focused, how did Binance withstand it for eight years? Brazil's central bank loses 140 million USD in reserves to hackers! The stolen funds converted to Bitcoin, hacker costs only 2,760 USD, service provider becomes a loophole Microsoft collaborates with the FBI to combat North Korean hacker fraud! Frozen 3,000 accounts, captures U.S. 'accomplice workers' "DeFi platform Credix suffers 4.5 million USD theft! Official website urgently closed: user funds to be restored within 24 hours at the earliest" This article was first published on BlockTempo (the most influential blockchain news media).