Shocking $49.5M Heist: Infini Neobank’s Wild Crypto Caper!

by

Oh, gather ’round, dear readers, for a tale of woe and wonder! The crypto-focused neobank Infini has found itself in a right pickle, having reportedly suffered a staggering $49.5 million hack! Yes, you heard that right! A sum so large it could make even the most stoic banker faint! 💸

It all began on a fateful morning, February 24, at the witching hour of 3:18 am UTC, when the ever-watchful CertiK spotted some rather suspicious shenanigans. Unauthorized transfers were afoot from an Infini-related contract on Ethereum (ETH). The dastardly hacker, with the audacity of a cheeky monkey, granted themselves special access to the account “0xc49b…” and whisked away a whopping 49.5 million USD Coin (USDC). How very naughty! 😈

#CertiKInsight 🚨

We have seen suspicious transfers of funds from unverified contracts on Ethereum 0x9A79f4105A4e1A050Ba0b42F25351D394fA7E1DC

The receiver 0x3ac96134fb0e42a52d33045aee50b89790f05ed0 took ~$49.5M and is swapping them for Dai

Stay Vigilant!

— CertiK Alert (@CertiKAlert) February 24, 2025

But wait, there’s more! After the heist, our crafty villain exchanged the stolen 49.5 million USDC for Dai (DAI) and went on a shopping spree, purchasing a staggering 17,696 ETH! Lookonchain, the ever-curious watchdog, reported that this Ethereum treasure was then swiftly moved to a new wallet, “0xfcc8…6e49.” Talk about a slippery thief! 🏃‍♂️💨

It seems that the stablecoin bank @0xinfini was hacked and 49.5M $USDC was stolen.

The hacker swapped 49.5M $USDC for 49.5M $DAI and bought 17,696 $ETH.

The 17,696 $ETH was transferred to a new wallet “0xfcc8…6e49”.

— Lookonchain (@lookonchain) February 24, 2025

In the aftermath of this digital debacle, Infini’s co-founder, in a rather brave attempt to calm the storm, assured customers that their funds would be returned. “Fear not!” they proclaimed, “We can afford to pay you back!” But, oh dear, they also mentioned they had a lot on their plate and wouldn’t be spending too much time soothing frayed nerves. How reassuring! 🙄

“Please rest assured that we will definitely compensate you and we can afford it.

But there are a lot of things to do right now, so I won’t spend any more time trying to calm you down.

I will make progress as soon as possible.

Please believe me and @Christianeth.”

@0xsexybanana, Infini co-founder

Now, it seems this breach was caused by a compromised private key rather than a flaw in the protocol itself. This raises a rather important question: how on earth do we manage our private keys? And what about the security of those clever little smart contracts? 🤔

Launched in 2024, Infini neobank fancied itself as the bridge between traditional banking and the wild world of cryptocurrency. A digital-only financial institution, it operates without any physical branches, offering banking services through mobile apps. Quite the modern marvel, wouldn’t you say?

In addition to traditional banking services, Infini also dabbles in stablecoin transactions and yield-generating accounts. Since its inception, it has seen a meteoric rise in popularity, boasting a 500% monthly growth rate in active users, according to a press release from February 14. Quite the success story, until now! 😬

But alas, the Infini hack is just the latest in a string of high-profile crypto security breaches. Just days before, on February 21, Bybit suffered a jaw-dropping $1.4 billion exploit, making it one of the largest exchange hacks in history. A hacker, with the cunning of a fox, manipulated smart contract logic to drain Bybit’s multisig cold wallet. The exchange is now scrambling to recover stolen assets and has launched a $140 million bounty. What a world we live in! 🦊💰

Read More

2025-02-24 09:17