Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The decentralized lending protocol Credix suffered an exploit, losing approximately $4.5 million. The attacker gained control of an admin wallet, minted tokens, and drained liquidity pools. After the incident, Credix claimed it had reached a settlement with the attacker, who agreed to return the funds on the condition that “a certain amount would be fully paid by the Credix treasury.” However, Credix did not disclose how much was actually paid. Shortly after this announcement, Credix deleted its social media accounts and the team disappeared, sparking speculation that the so-called “hack” may in fact have been a rug pull orchestrated by insiders. To date, the promised reimbursements have not been fulfilled. Attack method (per SlowMist): Rug Pull. Reported loss: $ 4,500,000.
- chain
- —
- protocol
- Credix
- bug_class
- rug
- date_occurred
- 2025-08-04
- loss_usd
- $4,500,000
- source_id
- sm:credix::2025-08-04