慢雾分析:黑客通过绕过未被验证的账号,非法增发20亿个CASH

Solana上的稳定币项目Cashio今日遭遇黑客攻击。据慢雾安全团队初步分析,黑客通过绕过一个未被验证的账号,非法增发了20亿个CASH代币,并通过多个应用将CASH代币转化为 8,646,022.04 UST 17,041,006.5 USDC 和26,340,965.68 USDT-USDC LP,获利总价值:52027994.22 USD(5000多万美金)。目前官方@CashioApp已发出公告让用户暂停使用合约,并发布临时补丁修复了漏洞。攻击者CASH代币账号:https://solscan.io/account/26rFraKwk3gurdLLzR2aU5Z2sGA4jJ4Nnr7QDECu5BAK攻击交易:https://solscan.io/tx/4fgL8D6QXKH1q3Gt9GPzeRDpTgq4cE5hxf1hNDUWrJVUe4qDJ1xmUZE7KJWDANT99jD8UvwNeBb1imvujz3Pz2K5

Leave a Reply

Your email address will not be published. Required fields are marked *

five − 4 =