Summary
- SlowMist reported that a multi-signature exploit incident occurred at CrediX.
- It was revealed that the attacker used both multisig wallet administrator and bridge privileges to directly issue collateral tokens and borrow a large amount of assets.
- CrediX deactivated their website due to the security breach, and instructed users to utilize the contract for fund withdrawals.
A multi-signature exploit incident occurred at the decentralized finance (DeFi) project CrediX.
On the 4th (local time), the on-chain security platform SlowMist explained, "An attacker who accessed the CrediX multisig wallet six days ago is confirmed to have held both administrator and bridge privileges. Using these, the attacker was able to directly issue collateral tokens. The attacker borrowed massive assets and drained the pool."
Accordingly, CrediX stated, "A security breach has occurred and is under investigation. To prevent user deposits, we have deactivated the website. For fund withdrawals, users need to utilize the contract."
YM Lee
20min@bloomingbit.ioCrypto Chatterbox_ tlg@Bloomingbit_YMLEE
![[Analysis] "Bitcoin could fall once more before the next bull run… may drop to as low as $43,000"](https://media.bloomingbit.io/PROD/news/8c7118c8-560c-45ee-b17c-33941c08bb67.webp?w=250)
![[Analysis] "Bitcoin shows signs of recovering sentiment among U.S. investors… but a strong bullish reversal is still not in place"](https://media.bloomingbit.io/PROD/news/fa06d293-8d64-4e15-8420-70b42038247c.webp?w=250)