- Cryptocurrency payment firm Infini lost $50 million in USDC through an administrative exploit.
- A former contract developer is suspected of maintaining hidden admin privileges after completing project work.
- The attack was initiated using funds from Tornado Cash mixing service.
- The exploit involved a contract created in November 2024 to facilitate the unauthorized transfer.
- The incident highlights the importance of proper access control management in crypto projects.
A former contract developer allegedly exploited administrative privileges to steal $50 million in USD Coin (USDC) from cryptocurrency payment firm Infini, according to security investigators. The incident underscores growing concerns about insider threats in blockchain projects.
Blockchain security firm Cyvers reported that the suspect had worked on Infini’s contract development before apparently concealing maintained administrative access after project completion. The attack demonstrates the critical importance of thorough security audits and access management in cryptocurrency projects.
The perpetrator initiated the attack by funding their wallet with 1 Ether from Tornado Cash, a cryptocurrency mixing service known for obscuring transaction origins. They subsequently executed the unauthorized transfer of $49.52 million through a smart contract deployed in November 2024.
This incident follows a pattern of similar insider-related cryptocurrency exploits in recent years. Cryptocurrency mixing services like Tornado Cash have frequently been used in such attacks to obscure the flow of stolen funds, making it challenging for investigators to trace the assets’ movement.
The exploitation method highlights vulnerabilities in project handover procedures within the cryptocurrency industry, where proper revocation of administrative privileges is crucial for security. Security experts recommend implementing multi-signature wallets and regular security audits to prevent such incidents.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Raydium Token Crashes 22% as Pump.fun Appears Set to Launch Rival Trading System
- Bybit Restores $1.4B Ether Gap After Major Hack, Returns to Full Asset Backing
- HK Asia Holdings Doubles Down on Bitcoin, Adds 7 BTC After Share Price Surge
- North Korean Hackers Begin Laundering $140M in Stolen Bybit Crypto
- Montana Lawmakers Reject Bill to Create State Bitcoin Reserve
