Hacker Of Solana Based Cashio Will Return Part Of Stolen Funds

BitcoinistPubblicato 2022-03-29Pubblicato ultima volta 2022-03-29

Introduzione

The team behind Cashio, a Solana-based dApp that was hacked last week, published a postmortem report on the attack. In...

The team behind Cashio, a Solana-based dApp that was hacked last week, published a postmortem report on the attack. In one of the biggest hacks on this network, the bad actors managed to steal $50 million by exploiting a vulnerability on the dApp.
As Bitcoinist reported, to use Cashio, users need to mint CASH by making SABER deposits on the USDT-USDC pool. Saber operates as a cross-chain AMM for Solana-based stablecoins.
The bad actor apparently exploited a point of failure on Cashio’s account validation system. This security component was incomplete and enable the bad actor to create multiple accounts.
The report from Saber Labs records an increase in activity for the CASH pools. Thus, there was more capital locked on Cashio than usual, probably making it more attractive for the bad actors.
The team at Saber Labs claimed it took measures to prevent something similar from happening in the future. In particular, they will be more transparent with their code reviewing and auditing process.
Any product on the Saber ecosystem, they announced, will be reviewed to guarantee the safety of the funds. This measure will not apply to closed source protocol which, Saber Labs believes, “have the benefit of being much harder to hack”.
Saber Labs apologized for the attack on its users. They claimed to lack the funds to “payback depositors”, or to economically amend this “catastrophic” event to Saber users.
The team made the following announcement in an attempt to revert a situation that they believe could negatively impact its users:
If you are the hacker and are reading this, we hope you will consider returning the funds rather than donating them to charity: accounts with over $100k are often users’ life savings on leverage, and many of us will seriously be affected financially after this incident. We are willing to give $1M of USDC as a bounty if the funds are returned.
Solana dApp Hacker Pulls A Robinhood
This plead was apparently listened to and replied to for the benefit of Cashio users. According to a pseudonym user, the bad actors decided to return the funds to those with accounts that lost under $100,000 in CASH.
In order to get their funds back, users need to access the following link. This will lead them to an open-source platform created to receive refunds submissions.
The creator of this website published the Github link to the open-source code that supports the refund submission platform. Thus, anyone can verify its authenticity and should check for any potential vulnerabilities or malicious code.
The attacker or attacker left the following message on their actions:
The intention (with the Cashio hack) was only to take money from those who do not need it, not from those who do. Will be using the th gains to return more funds to those affected, even some accounts more than 100k. Will not return funds to accounts that already receive refund.
The attacker made several demands, including potential leaders for the organization backing the Solana dApp.
Thanks @wireless_anon for setting this up. We have deployed the same code at https://t.co/i4KtrqfB8E
We will send out a tutorial on how to use this and how to verify you entered everything correctly soon, as well as more information on how to submit the signatures to us after. https://t.co/RncwVBCmfE
— Cashio ($CASH) 💵 (@CashioApp) March 28, 2022
At the time of writing, Solana (SOL) trades at $112 with a 1% profit on the 4-hour chart.

Solana SOL SOLUSDT

SOL with moderate profits on the 4-hour chart. Source: SOLUSDT Tradingview

Letture associate

Countdown to the CLARITY Act: 25 Days Left—What Will Happen to the Crypto Market if It Fails to Pass Before the August Recess?

"The CLARITY Act, a key US crypto market structure bill, faces a tight deadline with only 25 working days left before the Senate's August 10 recess. The bill aims to clarify SEC/CFTC jurisdiction and establish a non-security path for decentralized tokens. Despite passing the House in 2025 and a Senate committee in May 2026, final negotiations have stalled over ethics and law enforcement provisions, jeopardizing the 60 Senate votes needed. If the bill fails to pass before the recess, its chances in 2026 drop significantly, with prediction markets giving only a 40% probability. Analyst Galaxy Digital has lowered its 2026 passage odds to 50%. Failure would likely lead to continued 'slow bleeding' in crypto markets, as seen in June's record $4.5 billion net outflow from US Bitcoin ETFs. XRP, which stands to gain permanent commodity status from the bill, could lose its 'regulatory premium.' Bitcoin and Ethereum, already classified as commodities via a joint agency interpretation, would face less direct impact but broader regulatory uncertainty would persist, delaying institutional capital and DeFi innovation. The path forward includes: 1) Passage before August (a major catalyst), 2) Delay to 2027 (extending market uncertainty), or 3) Failure, requiring the bill to be reintroduced in the next Congress. While delay is a setback, the bill's progress indicates the US is closer than ever to resolving crypto regulatory ambiguity."

marsbit30 min fa

Countdown to the CLARITY Act: 25 Days Left—What Will Happen to the Crypto Market if It Fails to Pass Before the August Recess?

marsbit30 min fa

In the First Half of the Year, Half of VC Money Flowed to AI, with These 30 Companies Alone Raising Over 170 Billion Yuan

First Half of 2026: VC Investment in AI Explodes, with 30 Top Companies Raising Over 170 Billion RMB In the first half of 2026, China's AI sector saw a massive surge in venture capital, with total equity financing exceeding 300 billion RMB—already surpassing the entire 2025 total. Key trends include: * **Massive Funding Scale:** The AI track recorded 1,203 financing events totaling over 300 billion RMB. Investment peaked in June, partly driven by DeepSeek's landmark 51-billion-RMB Series A round. * **Geographic Concentration:** Beijing, Hangzhou, Shanghai, and Shenzhen dominated, accounting for 74% of deals and 86% of total funding. Beijing led with 95.5 billion RMB, while Hangzhou surged to second place due to DeepSeek's round. * **Sector Focus:** * **Large Models** were the top draw, securing over half of all funds (nearly 1.6 trillion RMB). * **AI Infrastructure** (compute, chips) and **Embodied AI** (e.g., robotics) were other major investment areas, with the latter being the most active in number of deals. * **AIGC Applications** attracted significant capital (59.6 billion RMB), indicating strong belief in near-term commercialization. * **Investment Stage Logic:** Capital followed a clear strategy: heavy bets on growth-stage companies (A/B rounds), major funding for mature leaders, and widespread, smaller-scale seeding of early-stage innovators. * **Notable Early-Stage Trends:** World models (seen as the "OS" for embodied AI) attracted the most early capital. Angel/seed rounds reached unprecedented sizes ("inflation"), and investment shifted from foundational large models to downstream applications like robotics and physical AGI. * **Top Companies:** The 20 largest mid/late-stage deals raised 1.565 trillion RMB. Leaders include the "Big Three" large model firms (DeepSeek, StepFun, Kimi), seven leading humanoid robot companies ("Seven Samurai"), and top AIGC application players. * **Outlook:** Full-year 2026 funding is projected to exceed 6 trillion RMB. However, consolidation is expected in the large model sector, with the window for pure-play general AI startups closing. Survival will depend on finding niche verticals or securing strategic backing.

marsbit35 min fa

In the First Half of the Year, Half of VC Money Flowed to AI, with These 30 Companies Alone Raising Over 170 Billion Yuan

marsbit35 min fa

Trading

Spot
活动图片