.png)
3 months ago
18
CertiK said all the stolen funds were bridged to Ethereum from Sonic.
Aug 4, 2025, 11:33 a.m.
Sonic-based decentralized finance (DeFi) protocol CrediX Finance was taken offline after being struck by a $4.5 million exploit.
The protocol, which has been live for less than a month, revealed there was a "security breach" at 9:10 UTC on Monday. The website was taken offline to prevent users from depositing.
Blockchain security firm CertiK said all the stolen funds were bridged from Sonic to Ethereum and now sit in three separate wallets.
The method of attack remains is unclear but it's worth noting that multi-sig wallet breaches became the most common attack vector in the first half of 2025, contributing to a total of $3.1 billion lost to hacks during that period.
"All users funds will be recovered in full within 24-48 hours," CrediX wrote on X to quell the concerns of investors who were unable to access the website.
Oliver Knight
Oliver Knight is the co-leader of CoinDesk data tokens and data team. Before joining CoinDesk in 2022 Oliver spent three years as the chief reporter at Coin Rivet. He first started investing in bitcoin in 2013 and spent a period of his career working at a market making firm in the UK. He does not currently have any crypto holdings.
