Defi Market Suffers Another Heavy Loss: $4.5 Million Hack Inflicted
In a shocking turn of events, the decentralized exchange CrediX_fi has suffered a significant security breach, leading to an estimated loss of $4.5 million. The attack was executed through a compromised administrative account, raising concerns about the security of the entire CrediX ecosystem.
The breach was facilitated by an administrative account with a wallet ending in "EC662e," which held multiple high-level roles including pool admin, bridge controller, asset listing admin, emergency admin, and risk admin privileges. The attackers gained access to these roles six days prior to the theft, adding themselves as Admin and Bridge controller on the multi-signature wallet.
Using the bridge role, they minted unbacked collateral tokens through the lending pool and leveraged these worthless tokens to borrow and drain the funds from CrediX. The stolen funds were then bridged from the Sonic blockchain network to Ethereum and dispersed into three separate wallets.
The roles affected by this breach included POOL_ADMIN, BRIDGE (Bridge controller), ASSET_LISTING_ADMIN, EMERGENCY_ADMIN, and RISK_ADMIN. The attacker's access to these multiple admin roles allowed comprehensive control, facilitating the minting of fake tokens and draining of funds without needing a contract exploit.
This incident has put acUSDC and any governance or utility tokens associated with the CrediX protocol in danger of collapsing due to the severe erosion of token trust. The protocol lacks transparency regarding remediation audits and a recovery roadmap, adding to the concerns of investors.
The hack has caused uncertainty and damage control for investors and users. CrediX has disabled its website and advised users to withdraw using only smart contracts. On-chain forensics and third-party audits are necessary for regaining investor trust in the CrediX protocol.
The breach underscores significant governance and access control risks in DeFi protocols. Developers have lost trust in the integrity of the smart contracts and role management within the CrediX protocol, even if they regain control. Investors are advised to avoid any further CrediX-related exposure until complete transparency, on-chain forensics, and third-party audits are provided.
With the CrediX ecosystem becoming a single point of failure due to an address with broad permissions across multiple systems, long-term consequences are expected as a result of the compromised CrediX protocol. It serves as a stark reminder for all DeFi platforms to prioritize security and transparency to maintain investor trust.
[1]: Source for detailed technical analysis [3]: Source for stolen funds dispersion details [5]: Source for information on unbacked acUSDC tokens and their creation during the hack.
- The breach in the decentralized exchange CrediX_fi, resulting in an estimated loss of $4.5 million, was facilitated by a compromised administrative account with a wallet ending in "EC662e."
- The roles affected by this breach included POOL_ADMIN, BRIDGE (Bridge controller), ASSET_LISTING_ADMIN, EMERGENCY_ADMIN, and RISK_ADMIN, allowing the attacker comprehensive control.
- Using the bridge role, the attackers minted unbacked collateral tokens through the lending pool and drained funds from CrediX.
- The stolen funds were then bridged from the Sonic blockchain network to Ethereum and dispersed into three separate wallets.
- This incident has put acUSDC and any governance or utility tokens associated with the CrediX protocol in danger of collapsing, due to the severe erosion of token trust.
- Developers have lost trust in the integrity of the smart contracts and role management within the CrediX protocol, even if they regain control.
- It serves as a stark reminder for all DeFi platforms to prioritize security and transparency to maintain investor trust, as the CrediX ecosystem becoming a single point of failure due to an address with broad permissions across multiple systems may lead to long-term consequences.
