Another day, another hack. So it goes in the world of decentralized finance (DeFi), which is all too often seen as a potentially lucrative target by digital crooks. This time the dubious honor fell to Solana-based blockchain company Credix, which reportedly lost $4.5 million to an undisclosed threat actor after disclosing a recent data breach.
“Credix seems to have had a security breach,” the company posted on X on August 4. We are investigating and will share details soon.” Several hours after DisruptionBanking published this article, the X post had apparently been taken down.
Bridge Over Troubled Waters (Not)
Digital security pundit Peckshield also took to the platform to confirm that Credix had suffered a “compromised admin account […] which has a number of roles, including POOL_ADMIN, BRIDGE, ASSET_LISTING_ADMIN, EMERGENCY_ADMIN, and RISK_ADMIN.”
Peckshield says BRIDGE was the function the cybercriminals used to “drain/borrow pool assets with the estimated loss of $4.5m, including the mint of unbacked acUSDC tokens (Credix Market Sonic USDC).”
Credix CEO Thomas Bohner and CTO Maxim Piessen have so far been silent on the issue – but then that isn’t uncommon in the case of cyberattacks, with targeted firms usually erring on the side of caution when it comes to making full disclosures.
However, later that same day, Credix posted again with what it described as “good news.”
“Reached succesfull [sic] parley with the exploiter who agreed to return the the funds within the next 24-48 hours in return for money fully paid by the credix treasury,” it said.
It is not clear what this amount was or how it compares to the sums reportedly stolen by the cyber gang, who also remain unidentified. Ransomware victims typically pay around 5-10% of the amount stolen.
We’ve Got You (Honest)
Assuring concerned users that it was keeping tabs on all victims, Credix added it would “airdrop them their share of assets in the respective timeframe.”
If that’s the good news, one wouldn’t like to hear the bad.
Belgium-based Credix is primarily built on the Solana blockchain to connect institutional investors with credit fintechs and non-bank lenders in emerging markets.
#DeFi #cryptocurrency #blockchain
Author: Damien Black
The editorial team at #DisruptionBanking has taken all precautions to ensure that no persons or organizations have been adversely affected or offered any sort of financial advice in this article. This article is most definitely not financial advice.
