A security breach at Credix, a decentralized finance (DeFi) platform, led to the loss of around $4.5 million on August 4.
The funds were taken by an attacker who used special access to create fake stablecoins, according to a post on X by CertiK, a blockchain security firm.
These stablecoins were then exchanged for real assets and sent from the Sonic blockchain to Ethereum
Did you know?
Subscribe – We publish new crypto explainer videos every week!
Is Cryptocurrency a Good Investment? (5 PROS & CONS!)
Credix later confirmed the incident on X and said its website had been taken down as a safety measure. The team promised that “all funds will be recovered in full within 24 to 48 hours”.
However, at 11:00 AM in the US, the site was still offline, and users in the project’s Telegram group were asking for help withdrawing their money.
PeckShield, a blockchain security firm, explained that the attacker gained control of an admin account, which allowed them to generate stablecoins without backing. Using those tokens, they removed assets that had been provided as collateral by other users.
Another firm, SlowMist, found that these admin permissions were granted to the attacker’s wallet six days before the exploit happened.
Credix is known for offering access to several other DeFi platforms, such as Aave
On August 2, Scam Sniffer reported that a scammer stole $908,551 in USDC by using an old token approval. How? Read the full story.
