The team behind decentralized finance (DeFi) protocol CrediX Finance appears to have vanished following a $4.5 million exploit that drained funds from the platform, sparking widespread suspicions of an exit scam.
In an August 8 alert, blockchain security firm CertiK reported that CrediX Finance’s official X account went silent, while its website has remained offline since Monday, when the exploit first occurred.
Following the $4.4M exploit of @CrediX_fi, users were told a deal had been struck with the attacker and funds would be returned within 24–48 hours.
But now it seems the team has vanished.
The X account is inactive Website has been offline since Aug 4 But our Watchtower… pic.twitter.com/71jwscWPXq
— Blockscope (@BlockscopeCo) August 8, 2025
The company’s official Telegram channel has also vanished without any additional communications.
Security Expert Warns of Exit Scam Tactics from CrediX Finance
The hack unfolded dramatically when attackers gained administrative control of the project’s multisig wallet on August 4, exploiting bridge privileges to mint unbacked collateral tokens.
On August 5, in what is now a deleted X post, CrediX Finance reassured the community that it had successfully negotiated with the exploiter to return the stolen funds within two days in exchange for payment from the protocol’s treasury.
CrediX immediately took its website offline to prevent additional user deposits while instructing existing users to withdraw funds directly through smart contracts.
The company also pledged to reimburse users for lost funds through an airdrop distribution.
Speaking with Cryptonews, Circuit CEO Harry Donnelly criticized negotiation-based recovery methods, noting they are frequently employed as exit scam strategies.
He emphasized that “automated threat response should be standard to ensure assets are kept out of harm’s way, rather than hoping to bargain with bad actors.”
More than two days have elapsed since the promise, and the company has maintained radio silence, deleting all official accounts and leaving users without recourse or communication.
Legal Action Initiated as Recovery Efforts Begin
Affected users have begun exploring fund recovery options through legal channels.
According to a Stability DAO Discord post shared by Sonic Maxi, there have been ongoing preparations for a formal legal report.
The Stability DAO team confirmed contact with affected organizations, including Sonic Labs, Euler, Beets, and Trevee (formerly Rings Protocol). These entities plan to collaborate with authorities in recovery efforts.
https://t.co/849ff6Hm5r has gone dark. If you had funds in the @stabilitydao Metavaults, here’s what you need to know:
1⃣ https://t.co/xumlL7Dbc7 has disappeared. Affected teams, including Sonic Labs, are working with legal + cybercrime authorities to recover funds.
2⃣ A… pic.twitter.com/jtxiEzBjmi
— tomii.sonic | $S (@bsc_tomas) August 7, 2025
“Our teams are collaborating to gather all evidence, trace the funds, and coordinate with relevant legal and cybercrime units,” the Stability DAO team stated.
The DAO committed to sharing a comprehensive incident report with the community, detailing the events and recovery steps. They also revealed obtaining KYC information for two CrediX team members, which will be included in the legal filing.
The organization advised users to avoid interacting with any CrediX smart contracts and announced plans for a compensation and recovery strategy for Metavault users by mid-next week.
Community Reactions and Collateral Damage
An on-chain analyst and co-founder of Sonic MementorBot expressed sympathy for CrediX victims while criticizing their trust in unrealistically high APR promises from lending vaults.
“Metavaults are always risky. Exploiter sent funds to Tornado instead of returning,” the analyst observed.
The multi-chain yield-bearing protocol Trevee also joined to reveal that the CrediX hack indirectly impacted its operations through a $1.6 million scUSD loan to Stability’s metaUSD, which became fully exposed to CrediX following a bank run.
Similar to other users attracted by high APY and favorable borrowing rates, Trevee believed metaUSD was secure due to its associated 87% loan-to-value (LTV) ratio.
The team reported reducing its exposure to over $700,000 but expressed frustration that “the Credix team has since deleted their accounts, abandoning the project and denying all responsibility.”
Trevee promised to develop fund recovery plans addressing the shortfall and committed to updating affected users promptly.
CrediX operated as a lending protocol employing an innovative credit scoring model designed for emerging markets, specializing in projects utilizing stablecoin payment platforms.
The post CrediX Finance Team Vanishes After $4.5M Hack, Exit Scam Suspected appeared first on Cryptonews.
https://cryptonews.com/news/credix-finance-team-vanishes-after-4-5m-hack-exit-scam-suspected/
