Flash-Loan-Angriff auf Sonic Chain: Hacker erbeutet 200.000 US-Dollar von CrediX nach 2,64-Millionen-Exploit
DeFi zeigt wieder mal seine dunkle Seite: Ein Angreifer nutzte einen Flash-Loan-Exploit auf der Sonic Chain, um CrediX um satte 2,64 Millionen Dollar zu erleichtern – und kassierte dabei 200.000 US-Dollar für sich selbst. Die Ironie? Die gleiche Technologie, die Kreditvergabe revolutionieren soll, wird zur Waffe.
Wie es passierte: Der Hacker manipulierte die Preis-Orakel von CrediX, nutzte den Hebel eines Blitzkredits und ließ das Protokoll in einem klassischen „Pump-and-Dump“-Manöver bluten. Die Sonic Chain, eigentlich für hohe Geschwindigkeiten optimiert, hatte hier offenbar keine Bremsen.
Die Opfer? Wie immer die Kleinanleger. Während die Börsen-CEOs ihre dritten Teslas kaufen, bleibt die Community auf den Verlusten sitzen. Aber hey – wer nicht spekuliert, gewinnt nicht, oder?
CrediX disabled deposits
The Sonic chain remains safe, but CrediX has not yet clarified the exact reason for the exploit. The lending startup announced that its deposits are closed to avoid further attacks.
website has been disabled to prevent users from depositing. Please use contracts to withdraw
— CrediX (@CrediX_fi) August 4, 2025
However, further investigation showed that the flash loan was not available to general users. The exploiter, instead, managed to secure admin access to a multisig wallet, allowing control over the bridge function.
Although the initial unauthorized withdrawals were small, the attacker managed to mint up to $4.5M in unauthorized bridged USDC tokens. The attacker minted collateral tokens, allowing the creation of a loan. The loan was outsized compared to the available liquidity, draining the protocol’s pool in essence.
According to SlowMist, the attacker prepared six days ago by gaining admin access to one of the lending platform’s multisig wallets. While the protocol did not have sufficient liquidity for a major hack, the ability to mint tokens unbacked by a deposit allowed the hacker much bigger leeway when taking out a loan.
CrediX extends series of small-scale attacks
CrediX is a relatively minor lending protocol, locking in just 219.64 SOL. The project aims to build up its growth as Solana-based lending is expanding. The attacked version is fully supported on Sonic, offering P2P lending between small-scale users.
The relatively small-scale hacks follow the attack on SuperRare, which took $730K by exploiting an infrequently used smart contract.
The attack against CrediX shows that even small and relatively obscure protocols are not safe when hackers find a way to drain their remaining liquidity.
The CrediX protocol has shown extremely limited activity, with most of the remaining funds locked in USDC tokens.
The attack happened at a time when Sonic bridging was generally highly active. The Sonic chain sees around 20K daily active users, sinking to a lower baseline after the HYPE around its launch. Sonic total value locked has also slid, from around $1B down to $439M.
The Sonic chain suffered a similar hack in May, where an oracle mispricing led to a $700K unauthorized outflow from Vicuna Finance. Sonic has also sparked fears of repeating the fate of Fantom, its earlier incarnation. Fantom was hacked for $200M and lost most of its volumes, later reinventing itself as the Sonic L2 chain.
Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot
