PeckShield: Credix遭遇攻击，损失约为450万美元

ChainCatcher news, according to monitoring by Shield, CrediX suffered a security vulnerability attack today, with hackers exploiting a compromised administrator account that had multiple management privileges. This account had the following permissions: POOLADMIN (Fund Pool Administrator), BRIDGE (Cross-Chain Bridge Permissions), ASSETLISTINGADMIN (Asset Listing Administrator), EMERGENCYADMIN (Emergency Administrator), RISK_ADMIN (Risk Control Administrator), etc.

The attackers utilized the BRIDGE permission to steal or borrow assets from the fund pool, with estimated losses of around 4.5 million dollars. This also included the minting of counterfeit (unsupported by real assets) acUSDC tokens (Credix Market Sonic USDC).

Previous report indicates that CrediX has disabled its website and prohibited user deposits; users who need to perform operations should withdraw through the contract.