A Major Breach in the DeFi World
In a significant blow to the decentralized finance (DeFi) sector, CrediX Finance — a relatively new protocol operating on the Sonic network — has fallen victim to a cyberattack resulting in a loss of approximately $4.5 million. The exploit occurred on August 4, 2025, less than a month after the platform’s official launch.
According to cybersecurity firm CertiK, the stolen funds were swiftly moved from the Sonic network to Ethereum and distributed across three separate wallets. The specific method of attack remains under investigation, but early signs point to a multisig wallet vulnerability as the entry point.
Immediate Response and User Reassurance
Upon detecting the breach, CrediX immediately suspended operations and disabled its website to prevent further transactions. In a public statement on X (formerly Twitter), the CrediX team assured users that all stolen assets would be fully refunded within 24 to 48 hours.
This rapid commitment to compensation has been welcomed by the user community, although it raises questions about the platform’s backup liquidity and security reserves.
How the Exploit Was Executed
Further analysis by SlowMist reveals that the attacker likely gained unauthorized access to the multisignature control of the Sonic bridge days before the incident. Exploiting this privileged access, the hacker created fictitious collateral to secure large loans, enabling them to drain significant liquidity pools and reroute the capital.
Despite being a new launch on Sonic, the CrediX platform itself has been operational since 2021, focusing on real-world asset (RWA) lending. The protocol had previously secured a $60 million credit line, underscoring its credibility — until now.
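For monitoring teams, the sequence in SlowMist's analysis (a privileged role obtained days earlier, collateral created with nothing behind it, then large loans) can be written as a detection rule. The sketch below is an added example, not code from CrediX, Sonic, CertiK or SlowMist; the event schema, account labels, role name and 14-day window are all assumptions, and the events are constructed.

```python
from datetime import datetime, timedelta

# Constructed events in a hypothetical schema (not CrediX, Sonic or SlowMist data).
EVENTS = [
    {"ts": "2025-01-01T09:00", "kind": "bridge_deposit", "account": "0xUSER", "amount": 1_000},
    {"ts": "2025-01-01T09:05", "kind": "mint", "account": "0xUSER", "amount": 1_000},
    {"ts": "2025-01-01T09:10", "kind": "borrow", "account": "0xUSER", "amount": 500},
    {"ts": "2025-01-02T03:00", "kind": "role_granted", "account": "0xNEW", "role": "BRIDGE"},
    {"ts": "2025-01-08T04:00", "kind": "mint", "account": "0xNEW", "amount": 50_000},
    {"ts": "2025-01-08T04:02", "kind": "borrow", "account": "0xNEW", "amount": 40_000},
]

def find_unbacked_borrows(events, role_window=timedelta(days=14)):
    """Flag borrows made against collateral minted without a matching bridge deposit."""
    grants, deposits, unbacked, alerts = {}, {}, {}, []
    for e in sorted(events, key=lambda e: e["ts"]):
        ts, acct = datetime.fromisoformat(e["ts"]), e["account"]
        if e["kind"] == "role_granted":
            grants[acct] = ts  # remember when the account gained privileged access
        elif e["kind"] == "bridge_deposit":
            deposits[acct] = deposits.get(acct, 0) + e["amount"]
        elif e["kind"] == "mint":
            # Consume deposits first; whatever is left over has no backing.
            backed = min(deposits.get(acct, 0), e["amount"])
            deposits[acct] = deposits.get(acct, 0) - backed
            if e["amount"] > backed:
                unbacked[acct] = unbacked.get(acct, 0) + e["amount"] - backed
        elif e["kind"] == "borrow" and unbacked.get(acct, 0) > 0:
            granted = grants.get(acct)
            alerts.append({
                "account": acct, "ts": e["ts"],
                "unbacked_collateral": unbacked[acct], "borrowed": e["amount"],
                # True when the role grant falls inside the look-back window.
                "recent_role_grant": granted is not None and ts - granted <= role_window,
            })
    return alerts

if __name__ == "__main__":
    for alert in find_unbacked_borrows(EVENTS):
        print(alert)
```

The same rule run against real data would need the protocol's actual event names and a reconciliation source for bridge deposits, and the role-grant signal on its own is worth alerting on before any mint occurs.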
Growing Trend of Multisig Attacks in 2025
This incident is not isolated. According to CertiK, multisig wallet breaches have become the primary threat vector in DeFi. In the first half of 2025 alone, damages from similar attacks surpassed $3.1 billion, exposing a critical vulnerability in the ecosystem’s infrastructure.
Conclusion: The Need for Stronger DeFi Defenses
The CrediX breach is a stark reminder that even trusted DeFi platforms are not immune to sophisticated attacks. As the DeFi space continues to grow, so does the need for robust security protocols, continuous smart contract audits, and user education. While CrediX’s quick refund promise is commendable, the attack highlights a deeper issue — the urgent need to reinforce multisig security across the DeFi landscape.





