Credix was attacked, resulting in a loss of 4.5 million USD from a stablecoin minting vulnerability

According to blockchain security firms CertiK and PeckShield, the decentralized finance (DeFi) protocol #Credix was attacked, leading to a loss of 4.5 million USD in cryptocurrency. The attack occurred on Monday when the attacker exploited a vulnerability to mint uncollateralized stablecoins.

Details of the attack

According to PeckShield's analysis, the attacker gained access to an administrator account, allowing them to mint stablecoins without collateral. Using these fake stablecoins, the attacker withdrew real assets from users collateralized on Credix. The security firms stated that the attacker had obtained this "privilege" six days prior to the attack.

The stolen funds were subsequently transferred from the layer-1 Sonic network to Ethereum. Credix has confirmed the incident and temporarily shut down the website. The protocol has committed to "fully recover" the funds for users within two days.

This incident serves as a reminder of the potential risks in the DeFi space, especially in protocols promising unusually high yields. Previously, former SEC Chairman Gary Gensler had warned about the risks of yield levels that sound "too good to be true." #Hacker