Stablecoin Bank Infini Earn Latest Hack Victim, Sees $49.5M USDC Flow Out to Attackers
Key Takeaways
- DeFi stablecoin bank Infini Earn was exploited for $49.5 million.
- A compromised private key led to two instances of USDC theft.
- Founder Christian Li pledged to personally cover investor losses.
Just days after the largest crypto hack in history , another platform has suffered a massive exploit.
Infini Earn, a decentralized stablecoin bank, was drained of $49.5 million in USDC, marking one of the most significant security breaches in DeFi this year.
Infini Earn Hackers Swap USDC For ETH
The attack , reportedly due to a compromised private key, resulted in two separate transactions siphoning off 11.4 million and 38 million USDC, respectively.
The attacker swiftly converted the stolen USDC into DAI before acquiring 17,696 ETH. These funds were then transferred to a newly created wallet, “0xfcc8…6e49.”
Blockchain analysis suggests that the perpetrator may have been an insider or someone who worked on the initial contract development for Infini.
-
Crypto CryptoQuant CEO Says Alt Season Is Here as Stablecoin Holders Rotate Funds to Altcoins
-
Crypto Stablecoins Face Liquidity Risks: Concerns About Asset Backing Can Lead to Mass Redemptions
-
Crypto Federal Reserve Backs Stablecoins to Expand US Dollar Reach, Calls for Clear Regulations
According to reports, the attacker retained admin access to the contract even after completing their work. Over 100 days later, they used Tornado Cash, a crypto mixing service, to obscure their identity before executing the exploit.
The breach targeted Morpho MEVCapital’s USDC vault, with funds being drained in two transactions. The unauthorized access to the platform’s private key is believed to be the root cause of the exploit.
Infini’s Response and Founder’s Assurance
In the wake of the attack, Infini Earn’s founder, Christian Li, addressed the incident on X.
Li acknowledged the security lapse and took responsibility for failing to properly transfer contract authority, a mistake that ultimately enabled the exploit.
“There is no problem with liquidity. Full compensation can be paid, and the funds are being traced. I know rebuilding trust will be a difficult process, but we won’t give up,” Li stated.
Li reassured users that withdrawals remain open, though financial management operations have been suspended to prevent further risks.
He emphasized that 70% of the stolen funds belonged to institutional investors and assured the community that he would personally bear the losses and settle privately.
Additionally, Li announced plans to reinvest the remaining funds into Infini Vault by the following Monday, aiming to restore normal operations.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
DeFi Oracle RedStone Oracles has been integrated into World Chain
Megabit will launch GPS/USDT 1-75x perpetual contract trading on February 28
Stripe: Stablecoins are one of the most innovative areas of the “Internet economy”
A whale borrowed $2.654 million USDC from Kamino and increased its holdings of 227,600 TRUMP
Trending news
MoreCrypto prices
More
