CrediX Finance Vanishes After $4.5M DeFi Exploit
DeFi platform CrediX Finance has disappeared from the web following a $4.5 million exploit that drained its liquidity pools, prompting suspicions of a coordinated exit scam. The incident was first flagged on Monday by blockchain security firms, who found that the attackers gained control of the protocol’s multisig admin and bridge wallets six days prior. Using this access, they minted new tokens, posted them as collateral, and then siphoned liquidity from CrediX’s pools. In response, CrediX immediately took its website offline to prevent additional deposits. But within days, the situation escalated. On Friday, the project’s official X account went silent, the website stayed down, and its Telegram channel was deleted.
In brief
- A $4.5 million exploit drained CrediX Finance after attackers accessed its multisig admin and bridge wallets.
- The team promised repayment but deleted its website, social accounts, and Telegram soon after.
- Stability DAO identified two team members and is working with other projects and authorities to recover funds.
Broken promises of reimbursement
Before vanishing, CrediX Finance issued a now-deleted statement claiming it had negotiated with the hacker. In the post, the team said the exploiter had agreed to return the stolen funds within 24-48 hours in exchange for a payment from the protocol’s treasury. CrediX also promised to fully reimburse all affected users via an airdrop. The deleted post read:
Reached successful parley with the exploiter who agreed to return the funds within the next 24-48 hours in return for money fully paid by the credix treasury.
No reimbursement took place. Instead, the project’s communication channels vanished, leaving investors with no official updates.
Stability DAO names names
The collapse of CrediX has triggered wider concern in the DeFi ecosystem. Stability DAO, which was indirectly affected through exposure to CrediX assets, has stepped in to coordinate a response.
The DAO announced that it had identified two CrediX team members through know-your-customer information and would include them in a formal legal report.
Stability DAO is now working with other affected projects, including Sonic Labs, Euler, Beets, and Trevee, to trace the stolen funds and cooperate with law enforcement and cybercrime units. Stability DAO stated:
Our teams are collaborating to gather all evidence, trace the funds and coordinate with relevant legal and cybercrime units.
Ripple effects across DeFi
Trevee, one of the impacted protocols, reported that it had a $1.6 million loan to Stability’s metaUSD, which became fully exposed to CrediX after a bank run. The team has since reduced that exposure to just over $700,000 and paused the minting of its stkscUSD asset, setting a new backing price to stabilize the situation.
The incident underscores the ongoing vulnerabilities in DeFi, particularly around multisig wallet security and off-chain coordination, and raises fresh questions about how much trust can be placed in anonymous teams.
Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.
I've been passionate about crypto for nearly a decade, ever since I was young and first became curious about investing. That early spark led me to years of research, writing, and exploring the future of decentralized tech.
The views, thoughts, and opinions expressed in this article belong solely to the author, and should not be taken as investment advice. Do your own research before taking any investment decisions.