Infini, a stablecoin payment platform, has launched legal proceedings against a developer and three unidentified individuals after nearly $50 million in digital assets were siphoned from its systems.
Court documents filed in Hong Kong identify developer Chen Shanxuan and three unnamed parties controlling specific Ethereum wallets as defendants in a civil lawsuit. Infini traced approximately 49.5 million USDC to wallet addresses it alleges were involved in the February 24 exploit. The funds are now the subject of a legal dispute.
According to messages posted directly on the blockchain, Infini warned that the crypto assets held in the involved wallets are “contentious in nature.” The company stated that any future holders of those assets would be barred from claiming bona fide purchaser status, citing the public legal challenge as notice.
Blockchain-Based Legal Notice Delivery
Infini, through its parent company BP SG Investment Holding Limited, served legal documents to the unknown defendants using Ethereum onchain messaging. The materials include a writ of summons, affirmation filings, hearing bundles, and a court-issued injunction order from an ex parte hearing held March 17 before Justice Lok.
The injunction, issued on March 18 and served again on March 20 and March 24, requires the wallet holders to attend a hearing scheduled for March 27. The messages specifically identify three wallets—designated as the “Programmer Wallet,” “First Layer Wallet,” and “Second Layer Wallet”—allegedly used to launder the stolen assets.
Infini emphasized that failure to appear could result in a judgment being made in the defendants’ absence. “You are required to attend the Return Date Hearing,” the onchain message states. “Failing which an order may be made in your absence.”
Shortly after the breach, Infini attempted to resolve the matter outside of court. In a message dated February 26, the company claimed to have obtained the attackers’ IP and device information. It offered to halt investigations in exchange for the return of 80 percent of the stolen funds, or approximately 14,156 ETH, to a designated Cobo custodian wallet.
“We are prepared to halt any further tracking or analysis,” Infini wrote. “You will not face any consequences.”
On March 20, a final warning was issued, reiterating the legal risks for any party in possession of the disputed USDC assets. The company warned that its rights remained fully reserved pending the return hearing.
Cybersecurity analysts suggested that the timing of the Infini exploit may have been strategic. Marwan Hachem, chief operating officer of FearsOff, told Cointelegraph that the breach occurred just days after the $1.5 billion Bybit hack, the largest in crypto history.
Hachem stated, “With everyone busy on the investigation and recovery efforts of the $1.5B, the Infini attackers perceived their chances of success to be higher at that moment,”
1
