{"id":57108,"date":"2025-08-04T14:13:37","date_gmt":"2025-08-04T14:13:37","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/credix-hack-adds-to-3-1-billion-defi-losses-in-2025-as-multisig-failures-surge\/"},"modified":"2025-08-04T14:13:37","modified_gmt":"2025-08-04T14:13:37","slug":"credix-hack-adds-to-3-1-billion-defi-losses-in-2025-as-multisig-failures-surge","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/credix-hack-adds-to-3-1-billion-defi-losses-in-2025-as-multisig-failures-surge\/","title":{"rendered":"CrediX hack adds to $3.1 billion DeFi losses in 2025 as multisig failures surge"},"content":{"rendered":"<p><b>(Originally posted on : CoinJournal: Latest Crypto News, Altcoin News and Cryptocurrency Comparison )<\/b><br \/>\n<\/p>\n<div data-site=\"CoinJournal\">\n<div class=\"-mt-16  mb-8  lg:-mt-20  rounded-md  shadow-md\">\n<div class=\"relative  z-10  post-article-image  rounded  overflow-hidden\" data-site=\"CoinJournal\">\n<picture><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2025\/05\/cetus-price-rise-after-hack-smartcrop-750x375.webp\" type=\"image\/webp\" media=\"(min-width: 750px)\"\/><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2025\/05\/cetus-price-rise-after-hack-smartcrop-363x181.webp\" type=\"image\/webp\"\/><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2025\/05\/cetus-price-rise-after-hack-smartcrop-750x375.png\" type=\"image\/jpeg\" media=\"(min-width: 750px)\"\/><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2025\/05\/cetus-price-rise-after-hack-smartcrop-363x181.png\" type=\"image\/jpeg\"\/>\n<\/picture>                            <\/div>\n<\/p><\/div>\n<ul>\n<li>Attacker gained admin access six days before attack.<\/li>\n<li>Borrowed $2.64 million after minting fake collateral tokens.<\/li>\n<li>Hacken urges real-time AI monitoring for DeFi wallet security.<\/li>\n<\/ul>\n<p data-start=\"175\" data-end=\"710\">The decentralised finance sector has once again been shaken by a major exploit\u2014this time <a href=\"https:\/\/x.com\/CrediX_fi\/status\/1952296077308428311?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1952296077308428311%7Ctwgr%5E6971b5ea9b38b17e72f6182ec9d7a6728020d9f0%7Ctwcon%5Es1_&amp;ref_url=https%3A%2F%2Fcoinpedia.org%2Fnews%2Fcredix-hit-by-4-5m-hack-attacker-bridges-funds-to-ethereum%2F\">targeting CrediX<\/a>.<\/p>\n<p data-start=\"175\" data-end=\"710\">The project reportedly lost $4.5 million following an attack enabled by a private key compromise and governance access flaws.<\/p>\n<div class=\"ad-banner  container  pt-1  px-0  mb-6\" data-partner=\"bitcoinpenguin\">\n        <a href=\"https:\/\/bitcoinpenguins.io\/en?utm_source=coinjournal&amp;utm_medium=banner&amp;utm_campaign=header\" target=\"_blank\" rel=\"nofollow sponsored noopener\"><br \/>\n            <img decoding=\"async\" class=\"p-0  m-0\" src=\"https:\/\/coinjournal.net\/wp-content\/themes\/c1-base\/dist\/img\/ad\/bitcoinpenguin\/en.png\"\/><br \/>\n        <\/a>\n    <\/div>\n<p data-start=\"175\" data-end=\"710\">The attacker bridged funds across networks, exploited administrative access, and drained the CrediX Pool using minted collateral tokens.<\/p>\n<p data-start=\"175\" data-end=\"710\">The incident has added to mounting concerns over the security of multisig wallets, which have accounted for most of the $3.1 billion in crypto losses so far in 2025.<\/p>\n<h2 data-start=\"712\" data-end=\"777\">Funds bridged from Sonic to Ethereum as platform taken offline<\/h2>\n<p data-start=\"779\" data-end=\"1077\">CrediX has since taken its website offline to prevent further deposits.<\/p>\n<p data-start=\"779\" data-end=\"1077\">Blockchain security firm CertiK confirmed that the stolen funds were transferred from the Sonic network to Ethereum.<\/p>\n<p data-start=\"1079\" data-end=\"1427\">Web3 security platform<a href=\"https:\/\/x.com\/CyversAlerts\/status\/1952299850650747079?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1952299850650747079%7Ctwgr%5E6971b5ea9b38b17e72f6182ec9d7a6728020d9f0%7Ctwcon%5Es1_&amp;ref_url=https%3A%2F%2Fcoinpedia.org%2Fnews%2Fcredix-hit-by-4-5m-hack-attacker-bridges-funds-to-ethereum%2F\"> Cyvers Alerts<\/a> flagged multiple suspicious transactions on Sonic, tracing one address funded via Tornado Cash on Ethereum.<\/p>\n<p data-start=\"1079\" data-end=\"1427\">This address bridged funds to Sonic and borrowed approximately $2.64 million from CrediX.<\/p>\n<p data-start=\"1079\" data-end=\"1427\">These funds were likely extracted using collateral tokens that the attacker minted after gaining backdoor access.<\/p>\n<h2 data-start=\"1429\" data-end=\"1492\">Admin access and bridge rights enabled token minting exploit<\/h2>\n<p data-start=\"1494\" data-end=\"1891\"><a href=\"https:\/\/x.com\/SlowMist_Team\/status\/1952312873822396712\">According to SlowMist<\/a>, an on-chain security provider, the attacker was granted Admin and Bridge roles within the CrediX Multisig Wallet six days prior to the exploit.<\/p>\n<p data-start=\"1494\" data-end=\"1891\">These roles were assigned using the protocol\u2019s ACLManager.<\/p>\n<p data-start=\"1494\" data-end=\"1891\">With Bridge-level access, the attacker was able to mint collateral <a href=\"https:\/\/x.com\/CrediX_fi\/status\/1952322730294186082?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1952322730294186082%7Ctwgr%5E6971b5ea9b38b17e72f6182ec9d7a6728020d9f0%7Ctwcon%5Es1_&amp;ref_url=https%3A%2F%2Fcoinpedia.org%2Fnews%2Fcredix-hit-by-4-5m-hack-attacker-bridges-funds-to-ethereum%2F\">tokens through the CrediX Pool<\/a>, which were then used to borrow assets and ultimately drain the protocol.<\/p>\n<p data-start=\"1893\" data-end=\"2179\">This type of exploit underlines a critical risk in decentralised governance models, particularly around role-based access control.<\/p>\n<p data-start=\"1893\" data-end=\"2179\">Inadequate oversight in assigning privileges, especially in multisig environments, leaves DeFi protocols highly exposed to internal or external compromise.<\/p>\n<h2 data-start=\"2181\" data-end=\"2234\">Multisig wallets linked to most 2025 crypto losses<\/h2>\n<p data-start=\"2236\" data-end=\"2571\">The CrediX incident is part of a broader trend this year.<\/p>\n<p data-start=\"2236\" data-end=\"2571\"><a href=\"https:\/\/hacken.io\/insights\/h1-2025-security-report\/\">A report<\/a> by security firm Hacken states that $3.1 billion in crypto was lost in the first half of 2025, with the majority of cases involving multisig wallets.<\/p>\n<p data-start=\"2236\" data-end=\"2571\">These wallets were often breached through social engineering tactics, fake interfaces, or misconfigured signer setups.<\/p>\n<p data-start=\"2573\" data-end=\"2717\">The largest known attack this year remains the $1.46 billion Bybit exploit, where attackers deceived multisig signers using a spoofed interface.<\/p>\n<h2 data-start=\"2719\" data-end=\"2776\">Real-time threat detection now a priority, says Hacken<\/h2>\n<p data-start=\"2778\" data-end=\"3050\">In response to the growing frequency of such incidents, Hacken has recommended moving away from traditional one-time security audits.<\/p>\n<p data-start=\"2778\" data-end=\"3050\">Instead, the firm advocates for real-time, AI-based security systems that monitor multisig activity and flag abnormal behaviour instantly.<\/p>\n<p data-start=\"3052\" data-end=\"3319\">According to Hacken, more than 80% of crypto losses this year stemmed from access control failures.<\/p>\n<p data-start=\"3052\" data-end=\"3319\">The firm urges platforms to implement stricter signer training, enforce tighter rule-based automation, and treat interfaces and signers as integral to system security.<\/p>\n<p data-start=\"3321\" data-end=\"3462\">Meanwhile, CrediX has said it aims to recover the stolen funds within 24\u201348 hours, though no further details have been provided at this time.<\/p>\n<div class=\"post-meta\">\n<hr class=\"mb-6\"\/>\n<h6 class=\"text-3xl  mb-4  text-green-300\">Share this article<\/h6>\n<hr class=\"mb-6\"\/>\n<h6 class=\"text-3xl  mb-4  text-green-300\">Categories<\/h6>\n<hr class=\"mb-6\"\/>\n<h6 class=\"text-3xl  mb-4  text-green-300\">Tags<\/h6>\n<\/p><\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/coinjournal.net\/news\/credix-hack-adds-to-3-1-billion-defi-losses-in-2025-as-multisig-failures-surge\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : CoinJournal: Latest Crypto News, Altcoin News and Cryptocurrency Comparison ) Attacker gained admin access six days before attack. Borrowed $2.64 million after minting fake collateral tokens. Hacken urges real-time AI monitoring for DeFi wallet security. The decentralised finance sector has once again been shaken by a major exploit\u2014this time targeting CrediX. [&hellip;]<\/p>\n","protected":false},"author":3947362361,"featured_media":57109,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[35],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/57108"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/3947362361"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=57108"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/57108\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/57109"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=57108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=57108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=57108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}