Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The stablecoin project Cashio on Solana has been hacked. According to the preliminary analysis of the SlowMist security team, hackers illegally issued 2 billion CASH tokens by bypassing an unverified account, and converted CASH tokens into 8,646,022.04 UST, 17,041,006.5 USDC and 26,340,965.68 USDT-USDC through multiple applications. LP, total profit value: 52027994.22 USD (more than 50 million USD). At present, the official announcement has been issued to allow users to suspend the use of the contract, and a temporary patch has been released to fix the vulnerability. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 52,027,994.22.
- chain
- solana
- protocol
- Cashio
- bug_class
- logic
- date_occurred
- 2022-03-23
- loss_usd
- $52,027,994
- source_id
- sm:cashio::2022-03-23