The CrediX team reported that they managed to negotiate with the hacker and that he would return the misappropriated funds within 24-48 hours. In return, CrediX will not initiate legal proceedings against the perpetrator. The funds received will be used to compensate affected users, whose losses the platform promised to fully reimburse. CrediX has not yet confirmed the receipt of funds, and it is unclear whether the perpetrator will fulfill the terms of the agreement.
The attack on CrediX Finance occurred a month after the launch of this real asset lending platform. Specialists from SlowMist determined that the exploit was used a week before the attack, when the hacker gained unauthorized access to the bridge control and the protocol's multi-signature administrative wallets. Having gained full control over the protocol, the attacker issued collateral tokens, created a pledge, and withdrew part of the liquidity. The stolen funds were transferred from Sonic to the Ethereum blockchain.
In July, the cryptocurrency exchange GMX also suffered a hacker attack — $42 million was stolen from the platform. However, it was also able to recover the stolen funds by offering the perpetrator a reward of 10% of the stolen amount.
According to TRM Labs, over the past six months, hackers have stolen $2.1 billion in cryptocurrencies, setting a new anti-record. Most vulnerabilities were attributed to the technical architecture of projects, experts clarified.