Infini Hacked: Team and Community's Textbook Self-Recovery in 48 Hours

Source: Infini

At around 10:24 AM Beijing time on February 24, 2025, Infini detected abnormal fund movement. Hackers stole funds through an attack and transferred them to the address 0x3ac96134fb0e42a52d33045aee50b89790f05ed0. Subsequently, the attacker quickly converted assets worth approximately 49.5 million US dollars into DAI, ETH, and further transferred the exchanged ETH to the address 0xfcc8ad911976d752890f2140d9f4edd2c64a6e49.

Following the event, the Infini team took immediate emergency response measures, including:

1. Conducting a thorough investigation to track the fund flow and collaborating with security agencies and relevant partners.

2. Proactively reaching out to affected clients, providing accurate information on the situation, and ensuring that clients' interests are safeguarded.

3. Emergency fund allocation to ensure all client withdrawal requests can be processed normally.

As of 6:00 PM Beijing time on February 26, 2025, the stolen funds are still held in the above-mentioned address, with no further signs of transfer. The Infini platform is operating as usual, and all client withdrawal requests have been fulfilled. The security team is actively tracking the fund flow and cooperating with all parties to recover the losses to the fullest extent.

With the collective efforts of the team, Infini has temporarily overcome this crisis. Infini will continue to strengthen its security measures to protect user assets and will provide timely updates to the community on progress.

Infini Incident Timeline

Due to Infini's robust internal fund monitoring system, the team responded quickly to the incident, minimizing losses and impacts:

Within 30 Minutes of the Incident

· The Infini internal team promptly detected abnormal fund movement, swiftly locked the suspicious account, and traced the attack path based on on-chain data.

1 Hour After Incident

· Project founder Christian and co-founder Christine made a full refund commitment on major social media and user communities to ensure the safety of user assets.

· The team swiftly transferred $5 million of their own funds to inject into the Cobo Wallet to ensure timely response to all user withdrawal requests.

· Blockchain security company SlowMist intervened in the investigation and confirmed that the attacker has a high level of technical expertise, providing initial analysis of the attack method.

2 Hours After Incident

· Founder Christian publicly stated that the event was not due to a private key leak but due to negligence in the custody transfer process, reiterating the full refund commitment.

6 Hours After Incident

· On-chain security analyst ZachXBT posted on Platform X, pointing out that the stolen funds were not fully liquidated within 40 minutes, while questioning the delayed intervention of USDC issuer Circle.

· Cyvers Alerts monitoring indicated that the hacker exploited a historical permission management vulnerability, secretly retaining contract administrator privileges and launching the attack.

12 Hours After Incident

· Infini's official team made a public proposal to the hacker, offering a 20% bounty as a reward in exchange for the return of the stolen funds.

24 Hours After Incident

· Over 98% of affected users have been contacted, and all user withdrawal requests have been addressed.

48 Hours After Incident

· The Infini team continues to optimize security measures, transferring core funds to the most secure Cobo Wallet to ensure normal operation of payment, transfers, withdrawals, and all other business functions.

· Internal emergency response within the office continues, with team members analyzing on-chain data overnight, closely cooperating with the security company and law enforcement agencies to ensure smooth progress of the investigation.

· Currently, Infini is actively assisting law enforcement and conducting a judicial investigation and on-chain fund tracing in collaboration with the blockchain security company SlowMist, with significant progress already made. Infini will provide a full report and event explanation to the community once the investigation is completed.

Latest Progress and Future Plans of the Infini Project

It is noteworthy that despite facing a security incident, the core features of the Infini project have remained operational, and both development and operations have been unaffected:

· The release of the Physical Card with Apple Pay support is proceeding as planned.

· The daily yield mechanism is expected to be optimized within the next 3-4 weeks to ensure the highest level of security for the Yield component.

· On-chain data indicates that despite some TVL fluctuations post-incident, the growth trend of new deposit addresses (new users) remains stable, demonstrating continued market confidence in Infini.

· The community's support for Infini is strong, with minimal negative sentiments on social media, and community members widely acknowledging the team's response measures and solutions.

Special Thanks

During this incident, Infini has received wide support and goodwill from both within and outside the industry. ABCDE's co-founder, Du Jun, has expressed willingness to provide a funding support of $5 to $10 million to assist in the stable operation of the Infini platform. Additionally, several industry KOLs have publicly voiced their support for Infini, praising its transparency and crisis management capabilities.

Infini expresses sincere gratitude for this support, especially from the community, users, and industry partners for their understanding and backing. The team is committed to continue giving their all to ensure the platform's security and stability, and to provide users with high-quality financial services.

Below are some voices from industry KOLs. The number of voices is substantial, and only a selection can be presented here: