Verify a decision

{"actor":"system:backfill","investigation_id":"cd360476-a6ef-4cbc-a509-03bc959124c5","kind":"publish","page_slug":"infini","published_at":"2026-05-20T04:09:24.845Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Infini","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.infini.money/"},{"credibility":3,"name":"","type":"other","url":"https://www.crypto-reporter.com/newsfeed/infini-launches-global-card-offering-daily-stablecoin-yield-96784/"},{"credibility":3,"name":"","type":"other","url":"https://cryptoslate.com/neobank-infini-celebrates-50m-tvl-then-suffers-49-5m-exploit-due-to-former-insider/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.certik.com/blog/0xinfini-incident-analysis"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-infini-hack-february-2025"},{"credibility":3,"name":"","type":"other","url":"https://decrypt.co/307513/crypto-neo-bank-infini-50-million-exploit"},{"credibility":3,"name":"","type":"other","url":"https://invezz.com/news/2025/02/24/crypto-neobank-infini-exploited-for-50m-rogue-developer-suspected/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.certik.com/blog/0xinfini-incident-analysis"},{"credibility":3,"name":"","type":"other","url":"https://www.livebitcoinnews.com/suspected-infini-hacker-routes-32-7m-in-eth-through-tornado-cash/"},{"credibility":3,"name":"","type":"other","url":"https://crypto.news/infini-exploiter-resurfaces-to-buy-eth-dip/"},{"credibility":3,"name":"","type":"other","url":"https://www.thecoinrepublic.com/2026/02/09/crypto-news-infini-exploiter-wallet-reappeared-with-ethereum-dip-purchase/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://defi-planet.com/2025/03/infini-founder-appeals-to-hacker-with-bounty-offer-following-49-5m-heist/"},{"credibility":3,"name":"","type":"other","url":"https://crypto.news/infini-founder-reaffirms-20-bounty-and-legal-immunity-to-infini-hacker-for-return-of-stolen-funds/"},{"credibility":3,"name":"","type":"other","url":"https://www.chaincatcher.com/en/article/2169175"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://bitcoinethereumnews.com/ethereum/crypto-hacker-behind-infini-exploit-returns-moves-32m-eth-in-fresh-transfers/"},{"credibility":3,"name":"","type":"other","url":"https://crypto.news/infini-exploiter-resurfaces-to-buy-eth-dip/"},{"credibility":3,"name":"","type":"other","url":"https://nairametrics.com/2025/03/04/founder-of-stablecoin-digital-bank-infini-offers-20-bounty-for-return-of-stolen-49-5-million/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-infini-hack-february-2025"},{"credibility":3,"name":"","type":"other","url":"https://www.okx.com/en-us/learn/eth-infini-hack-defi-vulnerabilities"},{"credibility":3,"name":"","type":"other","url":"https://rekt.news/infini-rekt"}]}],"sources_used":[],"summary":"Infini is a Hong Kong-based stablecoin neobank offering yield-bearing accounts and a global payment card. On February 24, 2025, a former developer who had covertly retained administrative privileges over Infini's smart contracts drained approximately $49.5 million in USDC from the Morpho MEVCapital vault, converting the funds to ETH and routing them through Tornado Cash. As of May 2026, no funds have been recovered, and the attacker's wallet remained active through at least February 2026.","timeline":[{"date":"2024-11-01","event":"Alleged creation of malicious contract by the developer approximately 114 days before the attack; attacker retains role 0x8e0b (privileged admin) over Infini vault contracts after completing contracted work.","source":""},{"date":"2025-02-24","event":"Attacker funds exploit wallet with 1 ETH from Tornado Cash. Two transactions drain approximately $49.5 million in USDC from the Morpho MEVCapital USDC Vault. Stolen USDC is swapped to DAI on Uniswap and converted to 17,696 ETH (~$49.5M). Funds transferred to wallet 0xfcc8ad911976d752890f2140d9f4edd2c64a6e49. CertiK flags the exploit at 3:18 am UTC.","source":""},{"date":"2025-02-24","event":"Infini founder Christian Li acknowledges the breach on X, accepts personal responsibility, pledges user compensation, and offers the attacker a 20% bounty to return 80% of stolen funds within 48 hours.","source":""},{"date":"2025-02-27","event":"48-hour bounty deadline elapses. Stolen funds remain in attacker's wallet. No contact from the attacker reported.","source":""},{"date":"2025-03-01","event":"Li publicly reaffirms the 20% bounty offer and extends an offer of legal immunity to the attacker. No response from attacker is reported.","source":""},{"date":"2025-07-01","event":"Exploiter's wallet deposits 5,000 ETH into Tornado Cash and sells 1,770 ETH for approximately $5.88 million at $3,322/ETH. PeckShield and CertiK flag the activity.","source":""},{"date":"2025-08-01","event":"Exploiter sells a further 1,771 ETH at approximately $4,202/ETH near a local cycle high.","source":""},{"date":"2026-02-09","event":"After more than 200 days of inactivity, the exploiter's wallet resurfaces, purchasing 6,316 ETH at an average of $2,109 (~$13.32M). The full balance is subsequently transferred to Tornado Cash. At least 15,470 ETH (~$32.7M) has now been routed through Tornado Cash. No funds recovered.","source":""}]},"v":1}