Infini, a Hong Kong-based stablecoin neobank, was exploited for approximately $50 million in USDC through an insider exploit by a former developer who retained administrative privileges on the contract. The attack involved the use of Tornado Cash to fund the exploit. The attacker converted the stolen USDC into 49.5 million DAI and then purchased 17,696 ETH, which was subsequently transferred to a new wallet address, 0xfcC8Ad911976d752890f2140D9F4edd2c64a6e49. The funds were stolen from Morpho MEVCapital Usual USDC Vault. The exploit occurred just after Infini celebrated reaching a $50 million total value locked (TVL) milestone. Infini's founder, Christian, has taken responsibility for the security lapse and assured users that the platform remains financially stable. He has committed to fully compensating affected users, noting that 70% of the stolen funds belonged to close associates and he is using his personal funds to cover potential losses. Christian is actively working to trace and recover the stolen funds, with the team monitoring involved addresses.