Infini founder reaffirms 20% bounty and legal immunity to Infini hacker for return of stolen funds

Bitget App

Trade smarter

Crypto.News2025/03/02 16:00

By:By Darya NassedkinaEdited by Dorian Batycka

Christian Li, the founder of the stablecoin digital bank Infini, left the hacker another message in a blockchain transaction, reinstating the white-hat agreement and 20% bounty of the stolen funds.

Li transferred 0.1 ETH to the hacker’s address, who was responsible for stealing $49.5 million from Infini’s wallets. In the message accompanying the transaction , Christian acknowledged the hacker’s skill in identifying vulnerabilities in the neobank’s protocol and proposed a white-hat agreement, offering the hacker 20% of the stolen assets as a bounty. Furthermore, he assured the hacker that no legal action would be taken if they comply and return the funds.

Infini founder reaffirms 20% bounty and legal immunity to Infini hacker for return of stolen funds image 0

Source: Etherscan

This is the second message Infini sent the hacker in a blockchain transaction. On Feb. 24, the day when the hack occured, Infini warned the hacker, stating that they were monitoring the address in question and were prepared to take action and freeze the stolen funds if necessary. They also offered a 20% bounty for the return of the stolen assets, giving the hacker 48 hours to respond and stating that failure to do so would result in continued investigation with law enforcement.

Important update:

We’ve identified critical info regarding the exploit and we’re monitoring involved addresses. pic.twitter.com/xqZwRYg4CS
— Infini (@0xinfini) February 24, 2025

The hacker stole $49.5 million from Infini’s wallets. Just days before the hack, Infini announced it had reached $50 million in total value locked.

CertiK first identified suspicious activity on Feb. 24, noting unauthorized transfers from an Infini-related contract on Ethereum. The hacker gained special access to the account “0xc49b…” and withdrew 49.5 million USD Coin ( USDC ). The stolen funds were exchanged for Dai ( DAI ) and used to purchase 17,696 Ethereum ( ETH ). Lookonchain later reported that the Ethereum was moved to a new wallet, “0xfcc8…6e49.” Following the hack, Infini’s co-founder assured customers that they would be reimbursed.

According to Cyvers , the exploit occurred because a developer who helped set up the smart contract retained admin rights. Three months later, the developer used these rights to drain the funds to a wallet funded through the crypto mixer Tornado Cash . As such, the breach appears to have been caused by a compromised private key as opposed to to a vulnerability in the wallet infrastructure, as was the case with Bybit’s hack .

🚨ALERT🚨Today, @0xinfini suffered a $49M $USDC exploit due to an attacker abusing retained administrative privileges.

The attacker, operating from 0xc49b5e5b9da66b9126c1a62e9761e6b2147de3e1, had initially developed the contract as part of the Infini project. However, after… pic.twitter.com/olguOyNCJr
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) February 24, 2025

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.

APR up to 10%. Always on, always get airdrop.

Lock now!

Explore the best new meme coins to join for long-term gains! Arctic Pablo Coin's presale explodes, Apu Apustaja surges, and Act I: The AI Prophecy takes AI crypto by storm.Earn While You Hold: Arctic Pablo Coin’s 66% APY Staking and Referral IncentivesApu Apustaja Surges as Community Interest PeaksAct I: The AI Prophecy Gains Traction as AI Crypto BoomsFinal Thoughts—Why Arctic Pablo Coin Stands Out

Coinomedia•2025/03/04 05:11