Decentralized finance (DeFi) lender Credix has confirmed a $4.5 million exploit involving compromised admin wallet access. The platform, which operates on Solana, said it has disabled its front-end and pledged to fully reimburse affected users within 48 hours.
Admin Wallet Breach Led to Fake Token Minting
On Monday, an attacker gained control of a privileged administrator wallet, using bridge permissions to mint unbacked acUSDC (Sonic USDC). The hacker then borrowed assets against these tokens and drained Credix’s liquidity pools.
On-chain analysts traced the breach to address 0xF321…662e, which carried sweeping admin powers.
After minting fake assets, the attacker bridged funds from Sonic to Ethereum and split the proceeds across new wallets. None of the funds have been sent to centralized exchanges yet, according to Web3 security firm CertiK.
Front-End Disabled, Withdrawals Open via Contracts
In response, Credix shut down its user interface to block deposits and posted updates on social platform X. Users were urged to withdraw directly from contracts, avoiding interaction with potentially compromised web infrastructure.
The company promised that all users will be “reimbursed in full within 24–48 hours.”
It remains unclear whether the reimbursement will come from treasury reserves, third-party capital, or negotiations with the attacker.
Hack Highlights Growing 2025 DeFi Risks
This attack adds to a troubling trend in the DeFi ecosystem. According to TRM Labs, crypto hackers stole $2.1 billion in the first half of 2025, with DeFi exploits accounting for around $252 million, or 12% of the total.
“DeFi remains highly vulnerable to access control failures and smart contract bugs,” security researchers warn.
About Credix
Credix operates as an onchain credit marketplace connecting fintech lenders in emerging markets to global capital. Based in Belgium, the firm has raised $73.7 million across four funding rounds. Its use of tokenized debt aims to provide capital-efficient alternatives to traditional finance — but this latest exploit raises questions about protocol security and key management.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.