Before the crypto space could recover from the $1.4 billion Bybit hack, another breach rocked the industry. This time, the DeFi platform Infini Earn fell victim to a $49.5 million attack. What’s worse, the hack showed signs of a potential inside job.
On Monday, February 24, hackers exploited the protocol of staking service provider Infini Earn, resulting in $49.5 million in losses. Specifically, attackers gained unauthorized access through a compromised private key.
After obtaining the key, the hackers siphoned $49.5 million USDC from the liquidity pool. They then transferred the funds to a new wallet and converted $49.5 million USDC to the DAI stablecoin. Following that, hackers used the wallet to buy 17,696 ETH at $2,798 each and dispersed them across multiple wallets.
Arguably, the most concerning aspect of the incident is the potential for insider involvement. Blockchain security firm Cyvers discovered a trail leading to one of the developers involved in the contract. According to the firm, the developer secretly kept admin rights after delivering the project.
This revelation raises serious questions about potential vulnerabilities in other DeFi protocols. Users also questioned possible North Korean involvement. Notably, the Lazarus Group, the group behind the Bybit hack, previously posed as developers to get privileged access to crypto projects.
Infini Earn Founder Promises to Compensate Users
Following the hack, Infini Earn founder Christian Li expressed regret over the incident. He revealed that his personal wallet wasn’t compromised and conceded he had been negligent.
In any case, he assured users that the protocol has enough liquidity to operate and that users can withdraw their funds normally. He also promised to compensate all hack victims if they fail to recover the funds.
“In the worst-case scenario,” he explained, “full compensation will be paid.”
The Infini Earn hack is the latest high-profile incident after the Bybit exploit, the biggest crypto hack in history. In the Bybit case, North Korean hackers performed a sophisticated phishing attack to target the exchange’s cold wallet.