CrediX Finance

2025-07-01

CrediX Finance launches on the Sonic blockchain as a DeFi lending protocol, less than one month before the exploit.

2025-07-29

Attacker granted POOL_ADMIN_ROLE, BRIDGE_ROLE, ASSET_LISTING_ADMIN_ROLE, EMERGENCY_ADMIN_ROLE, and RISK_ADMIN_ROLE via the ACLManager contract by a CrediX admin EOA (0x0dd010513F7abB8F9c628dC164a24D953BCA09Cf). Transaction hash: 0x0cc3520951a2b41281dcc9a0d37ef3f7f139b75675d83ae72e3b8e903334f35e.

2025-08-04

Exploit executed at approximately 09:10 UTC. Attacker mints 2,500,000 unbacked acUSDC and 3,250,000 unbacked acscUSD, uses them as collateral to drain $4.5M in user funds. Protocol taken offline. Stolen assets bridged from Sonic to Ethereum via deBridge.

2025-08-04

CrediX Finance posts statement on X claiming 'All users funds will be recovered in full within 24-48 hours' and alleges a negotiated return deal with the exploiter.

2025-08-05

CertiK confirms stolen assets distributed across three Ethereum wallets. Approximately half (300 ETH) subsequently routed through Tornado Cash.

2025-08-08

CrediX Finance team goes completely dark. Website remains offline, X account deactivated, Telegram channel deleted, Discord shut down. No fund recovery occurs. CertiK publicly reports the disappearance.

2025-08-08

Stability DAO announces it is filing a formal legal report with cybercrime authorities, confirms KYC data for two CrediX team members has been obtained and will be submitted to law enforcement.

2025-08-09

Multiple affected protocols — Sonic Labs, Euler, Beets, Trevee — join Stability DAO's coordinated legal and recovery effort. Trevee reduces its CrediX exposure from $1.6M to approximately $700K.