The attacker has agreed to return the stolen funds after a disposal with the protocol behind the $ 4.5 million exploitation on Credix Finance.
Summary
- Credix Finance was to exploit $ 4.5 million through multicing admin wallet attack.
- The hacker agreed to return the entire amount in exchange for a director settled by a credix treasury.
- Lost for more than $ 153 million hack alone in July 2025, with the loss of this year now at $ 3.1 billion.
In an update shared late Monday night, Credix revealed that the exploiter has successfully interacted, which attracts $ 4.5 million from its protocol, and is now experiencing returns of stolen funds with 24 to 48 hours.
The deal involves an unknown payment for a hacker from the credix’s treasury for safe return of credits, which has no mention of legal action or additional conditions.
Protocol wrote, “We have good news for our users. Arrived successfully with the exploiter, who agreed to return the next 24-48 hours.
Once received, the fund will be used for reimbursement of affected users. Credix said it would soon ensure complete recovery of damage to users of returns of returns.
How credix hacked
The attack on reactics came after less than a month when the protocol was launched as a real-world asset borrowing platform, allowing borrowers to obtain off-chain income and DEFI lenders to obtain loans supported by collateral.
The account to slow down the security firm began about a week before the exploitation attack, when the hackers had unauthorized access to the protocol’s multisiged admin and the bridge wallet.
With complete control over the major infrastructure, the attackers collided the collateral tokens, borrowed against the protocol, and quickly dried their life -off. The stolen funds were transported from Sonic to Etherium.
Certificate hack is the latest in the growing list of hit DEFI protocols from major exploits this year. In July, more than $ 153 million was lost to crypto hacks and scams, which further enhances the total industry loss for more than $ 3.1 billion.
Meanwhile, another recent victim, GMX, who was hacked for $ 42 million on July 9, also managed to recover the stolen funds after offering his 10% bounty last month.
But even with these successful recovery, advisory tendencies of the attackers point to a deep problem. Despite being labeled as decentralized, many DEFI protocols still depend on centralized controls, such as administrator key, upgradable contracts and emergency staging functions. These characteristics are now common entry points for the attackers, underlining the need for strong security and better defense mechanisms.
So far, Credix has not confirmed the dishes, and it remains to be seen what the attacker is through the agreement.
