Infrared Finance Copycat On Base Access Control Drain Issue

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Base Blockchain

A smart contract at address 0x4999b48c62d45708809ea8a04516aa09ba3459d5, created on May 18th, has been linked by TenArmor to a potential exploit involving approximately $43,000 in losses. The exploit reportedly stemmed from inadequate access controls and input validation in the function 0x71561f89(), allowing an attacker to redirect collateral funds to a malicious contract. While TenArmor speculates a connection to Infrared Finance, no direct evidence has been presented, and Infrared Finance has not acknowledged the incident publicly. It remains unclear whether the affected protocol is Infrared Finance or a copycat, and no support or follow-up appears to have been provided to impacted users.[1][2][3][4][5][6]

About Smart Contract In Question

The smart contract in question is at blockchain address 0x4999b48c62d45708809ea8a04516aa09ba3459d5. It was first created on May 18th. TenArmor has speculated that this smart contract is related to Infrared Finance, though no reasoning has been brought forward.

About Infrared Finance

Infrared is a decentralized finance (DeFi) protocol built on the Berachain blockchain that streamlines access to Proof of Liquidity (PoL) through easy-to-use liquid staking products. Infrared plays a pivotal role in the Berachain ecosystem by providing robust tools for staking and yield generation. Its emphasis on user-friendly infrastructure, including vaults and node services, positions it as a key protocol in driving Berachain’s growth and liquidity provisioning.

With a focus on simplifying the user experience, Infrared offers "one-click" staking solutions that enable users to earn rewards by participating in Berachain's PoL system. As of now, the protocol boasts a total value locked (TVL) of $653.88 million, highlighting its growing adoption and trust within the ecosystem.

Infrared provides access to high-yield vaults, some offering up to 574.98% APR, designed to maximize returns from PoL participation. Two key products offered are iBGT and iBERA. iBGT is a liquid version of the Berachain Governance Token (BGT) that allows users to benefit from PoL rewards without giving up liquidity. It currently offers an APR of 162.7%. iBERA is a liquid staking token for BERA, Berachain's native token, making staking more accessible with a current APR of 4.42%.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

A smart contract created on May 18th, was exploited and drained due to an access control issue.

Key Event Timeline - Infrared Finance Copycat On Base Access Control Drain Issue
Date Event Description
May 18th, 2025 7:20:35 AM MDT Exploited Contract Created The exploited smart contract was first created on the Base smartchain.
June 22nd, 2025 9:13:03 AM MDT Attack Transaction On Base The attack transaction which results in the $43k loss being reported.
June 22nd, 2025 8:38:00 PM MDT TenArmor Posts Tweet Report TenArmor posts a tweet which reports and analyzes the attack.
June 23rd, 2025 4:12:00 AM MDT New Berasearch Team Member The Infrared Finance team reports that user Berasearch is joining their team. It is unclear if this is related to the incident.

Technical Details

From TenArmor: "It seems that the 0x71561f89() function lacks proper access control and input validation, allowing the attacker to set a malicious contract as an approved vault. Then the attacker can call the useCollateral() function to transfer the collateral pool's funds to the malicious contract."

Total Amount Lost

TenArmor reports that the loss was approximately $43k USD.

The total amount lost has been estimated at $43,000 USD.

Immediate Reactions

It does not appear that Infrared Finance has posted any update or acknowledgement on their Twitter/X account.

It's unclear if the affected protocol is Infrared Finance or may be a copy-cat contract.

Ultimate Outcome

It does not appear that the issue was ever publicly addressed by Infrared Finance.

Total Amount Recovered

It is unclear which project is related to this smart contract breach, and whether any assistance was provided to affected users.

There do not appear to have been any funds recovered in this case.

Ongoing Developments

There are no other posts or analyses relating to this transaction.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. TenArmor Alert - "Our system has detected a suspicious attack involving @InfraredFinance on #BASE, resulting in an approximately loss of $43K." - Twitter/X (Accessed Jun 30, 2025)
  2. Attack Transaction - BaseScan (Accessed Jun 30, 2025)
  3. Exploited Smart Contract - BaseScan (Accessed Jun 30, 2025)
  4. Exploited Smart Contract Creation - BaseScan (Accessed Jun 30, 2025)
  5. Infrared Finance Vaults (Accessed Jun 30, 2025)
  6. Infrared Finance Homepage (Accessed Jun 30, 2025)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Infrared_Finance_Copycat_On_Base_Access_Control_Drain_Issue&oldid=6823"