Credix, a player in the decentralized finance (DeFi) space, suffered a security incident resulting in approximately $4.5 million in losses on August 4.
According to a statement on X by CertiK, a specialist in blockchain security, the attack involved unauthorized creation of stablecoins by exploiting privileged access.
The fraudulent stablecoins were subsequently traded for legitimate assets. The stolen funds were then moved from the Sonic blockchain to the Ethereum network
Did you know?
Subscribe – We publish new crypto explainer videos every
week!
What is Algorand? ALGO Coin Explained With Animations
Credix subsequently acknowledged the security event on X, stating that their website was temporarily shut down as a security
precaution. The team also assured users that “a complete recovery of all funds will be achieved within a 24 to 48 hour
window”.
However, as of 11:00 AM EST, the website remained inaccessible. Members of the project’s Telegram channel were actively requesting assistance with
withdrawing their assets.
PeckShield, another blockchain security company, detailed that the perpetrator obtained control of an administrator account,
allowing the creation of uncollateralized stablecoins. These tokens were then used to deplete assets originally provided as collateral by platform users.
SlowMist, another security firm, discovered that the attacker’s wallet received admin permissions six days prior to the execution of the
exploit.
Credix is recognized for consolidating access to various DeFi platforms, including Aave
On August 2, Scam Sniffer reported that a scammer stole $908,551 in USDC by using an old token approval. How? Read the full
story.