- CrediX exploited for $4.5M via multi-sig and bridge wallets, exposing major vulnerabilities.
- Project Team disappeared after the hack, fueling growing fears of a possible exit scam.
- Stability DAO launches legal efforts using KYC data to trace and recover stolen funds.
Decentralized finance (DeFi) Protocol CrediX Finance has vanished after falling victim to an exploit worth approximately $4.5 million. The exploit came when attackers accessed the multisig administration and bridge wallets of the protocol. The hack has cast doubts on the security of DeFi platforms and the insecurity of stablecoins deployed in DeFi ecosystems.
CrediX Finance’s Exploit and the Vanishing Act
Blockchain security companies raised the alarm on Monday, having discovered that $4.5 million had been stolen by the attackers against CrediX Finance. The DeFi protocol swiftly halted its site to stop additional deposits, but was met with deafening silence following the event. Six days before the attack, the attackers accessed key wallets, using them to mint tokens and drain the liquidity pools. After the hack, CrediX promised users that it would reimburse them within 24 to 48 hours, citing an agreement with the exploiter to return the funds.
However, the protocol’s official communication channels have since gone dark. The X account, website, and Telegram channel are all offline. With no recovery plan published, the disappearance has sparked concerns that this could be an exit scam—a tactic where developers abandon a project and abscond with investor funds. The blockchain security company, CertiK, has affirmed that since August 4, the CrediX site and X account have been inactive, which adds to the emerging suspicions.
Stability DAO Targets CrediX Members in Efforts to Recover Stolen Funds
Stability DAO has announced its plan to launch a formal legal report regarding the CrediX exploit. The DAO is working with other affected DeFi projects. These include Sonic Labs, Euler, Beets, and Trevee, all of whom are collaborating with authorities to trace the stolen funds. The DAO has also disclosed that it has obtained Know Your Customer (KYC) information for the two identified team members, which will be included in the legal report.
“We are working closely with other projects and authorities to recover the stolen funds,” said Stability DAO in a statement. The team emphasized that they are coordinating efforts to gather all evidence, trace the stolen funds, and involve relevant legal and cybercrime units. The DAO further noted that it would share a detailed incident report with the community.
Related: CoinDCX Employee’s Credentials Hacked in $44M Crypto Theft
China’s Push Against Stablecoins Gains Context After CrediX Incident
The crackdown on stablecoins that China has been upping recently seems more reasonable following the CrediX exploit. The attack on a DeFi platform involving the embezzlement of its $4.5 million underlines the fraud potential of stablecoins and liquidity pools. The implication of misusing cross-chain bridges and admin wallets to generate tokens in this case casts doubt on the lack of protection in decentralized systems. This is in line with the position of China, which has encouraged more regulation to be exercised over stablecoin publicity as it feared it would become an avenue for fraud and financial turmoil.
China wants to ban crypto, especially stablecoin, to avoid mayhem in the financial sphere. The recent pressure of Beijing to limit the usage of stablecoins is an attempt to uphold financial stability. The case of CrediX is a strong warning of the dangers of lacking regulation and monetary transparency in the DeFi market.
