Exploitation of Solana-based Defee Lenders Credix; The attacker gave admin access and drained liquidity pool

Share this article

A solana-based decentralized decentralized finance (DEFI) platform, which was exploited on Monday, was released on Monday for a stentment for a stentment.

It seems that there was a security violation. We are investigating and shared the details soon

– credix (@credix_fi) August 4, 2025

The blockchain security firm Slowmist, who first reduced the incident, exploited reports after a malicious actor was added to both a administrator and a bridge through the ACLMANAGER six days before the attack.

🚨SLOWMIST TI Alert🚨

Miste said that @Credix_fi Has been exploited.

Certix Multisig Wallet, 6 days ago, Acclmanager.https: //t.co/E6TBbei76M added an attacker as both administrator and bridge through the bridge

This enabled the attacker, acting in the role of the bridge, straight mint… https://t.co/gixswznzqs pic.twitter.com/jjjyr1eyet

– Slowmist (@SLOWMIST_TEAM) August 4, 2025

The permissions replace the attacker to accept the role of the bridge and the mint collateral tokens directly to the borrowed pool. Using these disorganized mining tokens, the attacker borrowed large amounts of property, effectively attracted the leaks of the protocol.

Credix announced that an inquiry is outgoing and, as a precautionary measure, its website has been temporarily disabled to prevent any new user deposits.

The team assured users that all funds are safe and can still be accessed directly through smart contracts.

Cast for statement, a complete recovery of user money with 24 to 48 hours is expected.

All user funds will be completely recovered with 24-48 hours

– credix (@credix_fi) August 4, 2025

Credix first acquired $ 60 million in credit financing to support small and medium -sized enterprises (SMEs) in Latin America, which is a cooperative with the US alternative investment management firms with $ 3 billion portfolio, through priority loan financing.

Share this article