The decentralized finance (DeFi) world was rocked this week as the CrediX Finance team disappeared after a $4.5 million exploit, leaving investors questioning whether this was a sophisticated hack or an elaborate exit scam.
Blockchain security analysts revealed that attackers gained access to CrediX's multisig admin and bridge wallets six days before executing the heist. The hackers minted counterfeit crypto assets, using them as collateral to drain the platform's liquidity pools. SlowMist's investigation showed the exploit followed a carefully planned sequence of unauthorized transactions.
The attack occurred on Monday, August 4, with the team abruptly taking their website offline and disabling all official communication channels shortly after. The protocol's Twitter account (@CrediX_fi) went dark on Friday, while their Telegram group vanished without explanation.
In a since-deleted tweet, CrediX claimed to have negotiated with the exploiter for fund return within 48 hours, promising full user reimbursement through an airdrop. This assurance now appears to have been a smokescreen, as the team completely vanished after making these claims.
Stability DAO has since stepped forward, announcing they've identified two CrediX team members through KYC verification. The decentralized organization is collaborating with affected projects including Sonic Labs and Euler to trace the stolen funds and prepare legal action.
The fallout extended to Trevee (formerly Rings Protocol), which reported $1.6 million in exposure through Stability's metaUSD. Trevee's team managed to reduce their exposure to $700,000 by pausing stkscUSD minting and adjusting backing prices.
Industry analysts note this incident highlights the persistent vulnerabilities in DeFi governance structures, particularly around multisig wallet security. The disappearance of project teams post-exploit has become an alarming trend, with 2025 already seeing three similar cases according to CertiK's latest security report.
As the crypto community awaits Stability DAO's promised full incident report, the CrediX case serves as another stark reminder of the risks in permissionless finance. With authorities now involved, the coming weeks may reveal whether this was a sophisticated external attack or an inside job gone wrong.