Finance
Share this article

DeFi Protocol CrediX Taken Offline After $4.5M Exploit

CertiK said all the stolen funds were bridged to Ethereum from Sonic.

By Oliver Knight|Edited by Sheldon Reback
Aug 4, 2025, 11:33 a.m.
A pair of spectacles sits on a tabletop in front of a bank of screens. (Kevin Ku/Unsplash)
(Kevin Ku/Unsplash)

What to know:

  • Sonic-based DeFi protocol CrediX Finance was taken offline after suffering a $4.5 million exploit less than a month after its debut.
  • Blockchain security firm CertiK said the stolen funds were transferred from Sonic to Ethereum and are now distributed across three wallets.
  • CrediX assured users on X that all funds would be fully recovered within 24–48 hours, addressing concerns as multi-sig wallet breaches continue to be a leading DeFi vulnerability in 2025.

Sonic-based decentralized finance (DeFi) protocol CrediX Finance was taken offline after being struck by a $4.5 million exploit.

The protocol, which has been live for less than a month, revealed there was a "security breach" at 9:10 UTC on Monday. The website was taken offline to prevent users from depositing.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms & conditions and privacy policy.

Blockchain security firm CertiK said all the stolen funds were bridged from Sonic to Ethereum and now sit in three separate wallets.

The method of attack remains is unclear but it's worth noting that multi-sig wallet breaches became the most common attack vector in the first half of 2025, contributing to a total of $3.1 billion lost to hacks during that period.

"All users funds will be recovered in full within 24-48 hours," CrediX wrote on X to quell the concerns of investors who were unable to access the website.

HackExploitDeFiCredix