Raydium (RAY)

Raydium is aware of an exploit involving unauthorized removal of liquidity from its legacy AMM V3 program which was previously phased out in 2021. No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation. Raydium’s SDK and DAPP do not support mainnet interactions with legacy AMM V3 pools. The exploiter’s address is: 4WnPebowR4HHfumvNPaDjG6Pa5Hi1jxLm6xmmBq33QVk There were 5 pools affected: Sollet USDT - RAY Sollet ETH - RAY SRM - RAY USDC - RAY RAY - SOL An initial review of exploited assets of value are: ~150,177 RAY ~5,603 SOL ~893,700 USDC The market value of assets exploited is ~$1.34m. Full compensation will be handled by Raydium’s treasury. Legacy AMM V3 was previously only enabled to use deposited funds to place orders on the Serum order book. The program did not provide swap functionality and following the deprecation of Serum, the associated liquidity remained idle. For proportion checks, the program re

NEWS: Raydium suffered a $1.34M exploit affecting deprecated liquidity pools. The protocol said losses will be fully covered by its treasury, with no impact on current users. https://t.co/jtHyAIgj3n

How a hacker stole $1.34M from Raydium: - finds a bug inside Raydium's old 2021 code - targets 5 forgotten liquidity pools that were no longer being used. - generates fake ownership receipts to trick the system. - convinces the old program/code that he has liquidity that he never deposited. - withdraws real funds from the pools walks away with: > 150,177 $RAY > 5,603 $SOL > 893,700 $USDC steals ~$1.34 million in total - bridges the funds from Solana to Ethereum - starts sending hundreds of ETH into Tornado Cash to hide the trail - Raydium confirms the exploit publicly - current users are not affected - Current Raydium pools are safe.

Raydium is aware of an exploit involving unauthorized removal of liquidity from its legacy AMM V3 program which was previously phased out in 2021. No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation. Raydium’s SDK and DAPP do not support mainnet interactions with legacy AMM V3 pools. The exploiter’s address is: 4WnPebowR4HHfumvNPaDjG6Pa5Hi1jxLm6xmmBq33QVk There were 5 pools affected: Sollet USDT - RAY Sollet ETH - RAY SRM - RAY USDC - RAY RAY - SOL An initial review of exploited assets of value are: ~150,177 RAY ~5,603 SOL ~893,700 USDC The market value of assets exploited is ~$1.34m. Full compensation will be handled by Raydium’s treasury. Legacy AMM V3 was previously only enabled to use deposited funds to place orders on the Serum order book. The program did not provide swap functionality and following the deprecation of Serum, the associated liquidity remained idle. For proportion checks, the program re

Raydium is aware of an exploit involving unauthorized removal of liquidity from its legacy AMM V3 program which was previously phased out in 2021. No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation. Raydium’s SDK and DAPP do not support mainnet interactions with legacy AMM V3 pools. The exploiter’s address is: 4WnPebowR4HHfumvNPaDjG6Pa5Hi1jxLm6xmmBq33QVk There were 5 pools affected: Sollet USDT - RAY Sollet ETH - RAY SRM - RAY USDC - RAY RAY - SOL An initial review of exploited assets of value are: ~150,177 RAY ~5,603 SOL ~893,700 USDC The market value of assets exploited is ~$1.34m. Full compensation will be handled by Raydium’s treasury. Legacy AMM V3 was previously only enabled to use deposited funds to place orders on the Serum order book. The program did not provide swap functionality and following the deprecation of Serum, the associated liquidity remained idle. For proportion checks, the program re

An attacker just drained $1.34 MILLION out of Raydium, from pools that have been dead since 2021. Raydium retired these old pools years ago and moved everyone to newer ones, but never actually switched off the old contracts. They sat live onchain, unused, until today someone found a flaw, faked proof of ownership, slipped past the checks and emptied five of them. The active exchange wasn't touched and the team says its treasury covers anyone affected, so users don't lose out. Same lesson as half the hacks this year though. Nobody goes after the part everyone's watching. They go for the part everyone forgot was still on.