Infini was stolen, and within 48 hours, the team and community executed a textbook-level self-rescue

Author: Infini

On February 24, 2025, around 10:24 Beijing time, Infini detected abnormal fund flows. Hackers stole funds through an attack and transferred them to the address 0x3ac96134fb0e42a52d33045aee50b89790f05ed0. Subsequently, the attackers quickly converted assets worth approximately 49.5 million USD into DAI and ETH, and further transferred the exchanged ETH to the address 0xfcc8ad911976d752890f2140d9f4edd2c64a6e49.

After the incident, the Infini team took emergency response measures immediately, including:

1. Conducting an in-depth investigation, tracking the flow of funds, and coordinating with security agencies and relevant partners.

2. Proactively contacting affected customers, informing them of the situation truthfully, and ensuring their rights are not compromised.

3. Urgently reallocating funds to ensure that all customer withdrawal requests can be processed normally.

As of February 26, 2025, 18:00 Beijing time, the stolen funds remain at the aforementioned address, with no further transfer signs observed. The Infini platform is operating normally, and all customer withdrawal requests have been fully met. The security team is continuously tracking the flow of funds and collaborating with all parties to recover losses to the greatest extent possible.

Infini Incident Timeline

Due to Infini's comprehensive internal fund monitoring system, the team responded swiftly after the incident, minimizing losses and impacts:

30 Minutes After the Incident

· The Infini internal team detected abnormal fund flows immediately, quickly identifying the suspicious accounts and tracking the attack path based on on-chain data.

1 Hour After the Incident

· Project founder Christian and co-founder Christine promised full compensation on major social media and user communities, ensuring the safety of user assets.

· The team quickly allocated 5 million USD of its own funds to the Cobo wallet to ensure timely responses to all user withdrawal requests.

· The blockchain security company SlowMist intervened in the investigation and confirmed that the attackers possessed a high level of technical skill, initially assessing the attack methods.

2 Hours After the Incident

· Founder Christian publicly stated that the incident was not due to the leakage of personal private keys, but rather due to negligence during the transfer of permissions, reiterating the commitment to full compensation.

6 Hours After the Incident

· On-chain security analyst ZachXBT posted on X platform, pointing out that the stolen funds had not been fully liquidated within 40 minutes, while questioning the USDC issuer Circle for not intervening in a timely manner.

· Cyvers Alerts monitoring indicated that the hackers exploited historical permission management vulnerabilities, secretly retaining contract administrator permissions to launch the attack.

12 Hours After the Incident

· Infini officially issued a public proposal to the hackers, offering a 20% bounty in exchange for the return of the stolen funds.

24 Hours After the Incident

· Over 98% of affected users have completed communication, and all user withdrawal requests have been responded to.

48 Hours After the Incident

· The Infini team continued to optimize security measures, concentrating core funds into the most secure Cobo wallet to ensure that payments, transfers, withdrawals, and other operations are running normally.

· Internal emergency responses continued, with team members analyzing on-chain data overnight, closely cooperating with security companies and judicial institutions to ensure the smooth progress of the investigation.

· Currently, Infini is actively assisting the police and collaborating with the blockchain security company SlowMist to conduct judicial investigations and on-chain fund tracking, with significant progress already made. Infini will provide a complete report and explanation of the incident to the community after the investigation is completed.

Latest Developments and Future Plans for Infini

It is worth noting that despite the attack, Infini's core product functions have remained operational and the R&D and operational work has not been affected:

· The release of the physical card supporting Apple Pay is still progressing as planned.

· The daily yield mechanism is expected to be optimized within the next 3-4 weeks, ensuring that the Yield portion's security meets the highest standards.

· On-chain data shows that although some TVL fluctuated after the incident, the growth trend of new deposit addresses (new users) remains stable, and the market still has confidence in Infini.

· Community support for Infini is high, with minimal negative voices on social media, and community members generally recognize the team's response measures and handling plans.

Special Thanks

In this incident, Infini received widespread support and goodwill from both within and outside the industry. Du Jun, co-founder of ABCDE, expressed willingness to provide funding support ranging from 5 million to 10 million USD to help ensure the stable operation of the Infini platform. Additionally, several industry KOLs publicly voiced their support for Infini, praising its transparency and responsiveness during the crisis.

Infini sincerely thanks all supporters, especially the understanding and support from the community, users, and industry partners. The team promises to continue to do its utmost to ensure the platform's security and stability, and to provide users with higher quality financial services.