Infini, a next-generation neobank specializing in stablecoins, has become the victim of a huge double hack, resulting in the loss of $49.5 million worth of USDC. The breach, which was traced back to a compromised private key, has raised urgent concerns about security vulnerabilities in the digital finance realm.
How the Hacks Unfolded
The hack at Infini seems like a well-calculated move. The hackers found a security flaw that allowed them to break into Infini’s system and steal 49.5 million USDC. After gaining access, the hackers quickly converted the stolen USDC into DAI, possibly to cover their tracks and make it harder for authorities to trace the stolen money.
Next, the hackers used the DAI to purchase 17,696 ETH, likely on a decentralized exchange or a popular crypto platform, making their actions blend in with normal trades. Finally, they transferred the 17,696 ETH to a new wallet address, “0xfcc8…6e49.” This new address helped hide the stolen funds. However, moving such a large amount into one wallet could only attract attention and leave clues for investigators.
The Aftermath and Implications
The overall impact of these two hacks is a big loss that has left industry experts and everyday users alike grappling with the implications of such a devastating blow to confidence in DeFi protocols. Following the breach, the Infini’s co-founder issued a statement assuring customers that they would be compensated for any losses incurred. “Please rest assured that we will definitely compensate you and we can afford it,” she stated.
请大家放一百个心,我们绝对赔付,并且赔得起。
但是现在有很多事要做,我就不多花时间安抚大家的情绪了。
我会第一时间同步进展。
请你们相信我和@Christianeth
— 郡主Christine (@0xsexybanana) February 24, 2025
Meanwhile, just days before, popular digital asset exchange Bybit had its wallet compromised resulting in a high-class UI Spoofing attack, which led to a fraudulent transfer of $1.4 billion. The hack has since raised alarm about the inherent vulnerabilities even the most established and reputable digital currency exchanges face.
Yet, in a remarkable turn of events, Bybit successfully recovered more than $43 million of the stolen assets. The recovery was made possible with the help of Polygon’s security team, which played a key role in retrieving the stolen funds. Additionally, Tether acted swiftly to freeze $181,000 in USDT linked to the hack, effectively cutting off further losses and demonstrating the proactive measures needed in the face of such rampant insecurity.
