Infini stolen within 48 hours, textbook-level self-rescue of team and community

Author: Infini

At around 10:24, Beijing time on February 24, 2025, Infini monitored abnormal capital flows. The hacker steals funds through the attack and transfers them to the address 0x3ac96134fb0e42a52d33045aee50b89790f05ed0 . Subsequently, the attacker quickly converted the assets worth about $49.5 million into DAI and ETH , and further transferred the redeemed ETH to the address 0xfcc8ad911976d752890f2140d9f4edd2c64a6e49 .

After the incident, the Infini team immediately took emergency response measures, including:

1. Carry out in-depth investigations , track the flow of funds, and work with security agencies and related partners.

2. Actively contact the affected customers , truthfully inform the situation, and ensure that the customer's rights and interests are not affected.

3. Emergency allocation of funds to ensure that all customers’ withdrawal needs can be handled normally.

As of 18:00 on February 26, 2025, Beijing time, the stolen funds remained at the above address and there were no further signs of transfer. The Infini platform is running normally and all customers ' withdrawal needs have been met. The security team is continuing to track the flow of funds and working with all parties to do their best to recover losses.

Infini Event Timeline

Because Infini has a complete internal fund monitoring system, the team responded quickly after the incident, minimizing losses and impacts:

30 minutes after the incident

· Infini's internal team monitored abnormal capital flows as soon as possible, quickly locked in suspected accounts, and tracked the attack path based on on-chain data.

1 hour after the incident

· Project founder Christian and co-founder Christine promised full compensation in major social media and user communities to ensure the safety of user assets.

· The team quickly allocated $5 million of its own funds to inject it into Cobo wallet to ensure that all users’ withdrawal needs are promptly responded.

· Blockchain security company SlowMist (Slow Mist) intervened in the investigation and confirmed that the attacker had a high technical level and initially analyzed the attack methods.

2 hours after the incident

· Founder Christian publicly stated that this incident was not due to the leakage of personal private keys, but was negligent during the transfer of permissions, and once again emphasized the commitment to full compensation.

6 hours after the incident

· On-chain security analyst ZachXBT posted on the X platform that the stolen funds were not completely cashed out within 40 minutes, and also questioned the failure of USDC issuer Circle to intervene in time to deal with it.

· Cyvers Alerts monitoring shows that hackers exploited historical permission management vulnerabilities, secretly retained contract administrator rights and launched attacks.

12 hours after the incident

· Infini officials have issued a public proposal to hackers, willing to provide a 20% bounty in return in exchange for the return of the stolen funds.

24 hours after the incident

· More than 98% of affected users have completed communication, and all users’ withdrawal requirements have been responded.

48 hours after the incident

· The Infini team continues to optimize security measures and centrally transfer core funds to the most secure Cobo wallet to ensure that all payment, transfer, cash withdrawal and other businesses operate normally.

· The office’s emergency response continues, with team members analyzing on-chain data overnight and working closely with security companies and judicial institutions to ensure smooth progress in the investigation.

· At present, Infini is actively assisting the police and jointly with blockchain security company SlowMist to carry out judicial investigations and on-chain fund tracking, and important progress has been made. Infini will provide the community with a complete report and incident description after the investigation is completed.

The latest progress and future plans of the Infini project

It is worth noting that despite the attack, Infini's core product functions have always been operating normally , and R&D and operation work have not been affected :

·The release of physical cards that support Apple Pay is still progressing as planned.

· The daily income mechanism is expected to be optimized within the next 3-4 weeks to ensure that the safety of the Yield part reaches the highest standard.

· On-chain data shows that although some TVLs fluctuated after the incident, the growth trend of new deposit addresses (new users) is stable , and the market is still full of confidence in Infini.

· The community has a high level of support for Infini , there are fewer negative voices on social media, and community members generally recognize the team's response and handling plans.

Special thanks

In this incident, Infini received extensive support and goodwill from both inside and outside the industry. Du Jun, co-founder of ABCDE, expressed his willingness to provide $5 million to $10 million in financial support to help the Infini platform operate stably. In addition, many industry KOLs have also publicly supported Infini, praising its transparency and ability to respond to crises.

Infini expresses his sincere thanks for this support, especially the understanding and support from the community, users and industry partners. The team promises to continue to do its best to ensure the safety and stability of the platform and provide users with better financial services.