Hong Kong-based stablecoin bank [Neobank] Infini experienced a major security breach on February 23 resulting in the theft of $49.5 million in USD Coin (USDC). The attack comes just days after the $1.4 billion hack of cryptocurrency exchange Bybit.
Hacker Exploits Private Key to Drain Funds
According to blockchain security firm PeckShield, the attacker gained access to a private key, allowing them to steal 49.5 million USDC from Infini’s vault. Notably, the stolen funds were moved in two separate transactions: one involving 11,455,666 USDC and another of 38,060,996 USDC, as recorded on Etherscan.
Per Peckshield, the hacker then swapped the stolen USDC for DAI, converted it to Ethereum (ETH) via the crypto mixer Tornado Cash, and deposited it into a new wallet, effectively obfuscating the transaction trail.
Infini Founder Reacts Post-Hack
Christian Li, founder of Infini, reassured users that the platform remains operational and that user withdrawals have not been affected. In addition, Li expressed shock as the Infini hack closely followed the $1.5B security breach on Bybit. ‘A friend once joked that I had been having too smooth sailing along the way. I said that I was always ready for the first disaster, but I didn’t expect that I would be the one to run into trouble right after Bybit.”
Notedly, he acknowledged his role in the breach, stating, “I was negligent when transferring the authority before. It is ultimately my responsibility. This has sounded the alarm.’
Hence, Christian Li emphasized that Infini will fully compensate affected users regardless of the investigation’s outcome.’Thank you friends for your voice and support. There is no problem with liquidity. Full compensation can be paid and the funds are being traced,” said the Infini founder.
The incident highlights the ongoing vulnerabilities in crypto platforms, particularly those dealing with stablecoins and large institutional funds. Infini’s response and future security measures will be closely monitored as the industry continues to address cybersecurity threats.
