Infini suffers $50 million exploit by former developer

Infini, a stablecoin payment company, suffered a significant security breach resulting in the loss of $50 million. The exploit was allegedly carried out by a developer who had worked on the Infini project as a contractor and secretly retained administrative rights after completing the work.

Security firm Cyvers provided details on the incident, revealing that the attacker used a wallet funded with 1 Ether from the cryptocurrency mixing service Tornado Cash to execute the theft.

The perpetrator reportedly created a contract in November 2024 and used it to transfer $49.52 million worth of USD Coin (USDC) from Infini. The USDC was then immediately exchanged for Dai (DAI), a stablecoin that lacks a freeze function, making it difficult to halt the transfer of funds. The attacker converted the funds into 17,696 Ether (ETH) and moved them to a secondary address.

Despite the theft, the Infini team did not suspend withdrawals. Founder Christian Li, in a post on X, assured that full compensation would be provided in a worst-case scenario. He also noted that the platform had seen $500,000 in withdrawals since the incident.

A member of the Infini team, known as "Christine," initially tweeted that the engineer responsible for the theft had been identified and reported to law enforcement. However, the tweet was later deleted, and when pressed for confirmation, Christine stated that the investigation was ongoing.

This attack on Infini follows the largest hack in cryptocurrency history, where Bybit, a cryptocurrency exchange, lost $1.4 billion in Ether and related tokens on February 21. Bybit managed to maintain withdrawals and closed its Ether gap, thanks to loans from partners and rival exchanges.

The Bybit hack has been tentatively linked to North Korea's state-sponsored hacking group Lazarus by onchain detective ZachXBT, who also connected the group to previous attacks on other exchanges. The recent exploit of Infini adds to the growing concerns over security in the cryptocurrency industry.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.