Cashio, a Solana-based stablecoin system, was hacked in an infinite glitch assault, according to its developers, the price of Cashio’s CASH token collapsed nearly zero as a result of the exploit. The CASH token team advised users not to generate any CASH token further on Twitter. The team further informed about a glitch with infinite mint and assured to look into the problem.
Please do not mint any CASH. There is an infinite mint glitch.
We are investigating the issue and we believe we have found the root cause. Please withdraw your funds from pools. We will publish a postmortem ASAP.
— Cashio ($CASH) 💵 (@CashioApp) March 23, 2022
CASH token of Cashio and Infinite Glitch hack
CASH is a stablecoin tied to the US dollar that is backed by USDC and USDT through a liquidity pool on Saber, a Solana-based market maker. Users can create CASH tokens by supplying liquidity in the form of USDT and USDC.
The hacker was able to alter Cashio’s smart contracts on Wednesday to create a limitless amount of CASH tokens without delivering any liquidity in exchange. Without any USDC or USDT backing, over 2 billion CASH tokens were produced, according to blockchain statistics.
On Cashio’s liquidity pools, the hacker exchanged the freshly created tokens for stablecoins. The total value locked (TVL) on Cashio plummeted by $28 million after the hack. Similar attacks have been made on stablecoins based on various protocols in the past. After an attack in June 2021, the Polygon-based Safedollar fell to zero, with the hacker misappropriating both USDC and USDT.
