Raydium (RAY)

🔥 Raydium confirms a vulnerability on its old AMM V3 👀 The program in question had been inactive since 2021. #Raydium #Solana #DeFi https://t.co/Ll0knSadML

🚨 UPDATE: Raydium confirmed an exploit on its discontinued AMM V3 program, inactive since 2021. https://t.co/gerk1gi4N4

⚠️ Raydium suffers an exploit of $1.34 million in a legacy AMM program; the treasury will cover the losses Raydium confirmed an exploit in its old AMM V3 program that resulted in the theft of approximately $1.34 million worth of assets. The attack occurred in inactive liquidity pools and was due to insufficient validation in legacy contracts that allowed the attacker to bypass proportion controls. Incident details The hack affected exclusively withdrawn and inactive liquidity pools, including RAY‑SOL, USDC‑RAY and SRM‑RAY. According to the Raydium team, the vulnerable code belonged to a discontinued version of the protocol that had not been used since 2021 and had already been removed from the official interface. Developers emphasized that active users of the platform were not affected, as the exploit was limited to legacy contracts that are no longer part of Raydium's operating ecosystem. Market reaction and team response Despite the incident, the native RAY token showed resilience and rose more than 2% in the hours following the announcement. The project's treasury confirmed it will assume the full cost of the losses to compensate those affected. As a preventive measure, the Raydium team launched an exhaustive and independent security review of all active smart contracts deployed on the Solana mainnet. The incident again highlights the risks associated with legacy contracts that remain deployed on the blockchain, even when they are no longer in active use. In summary Raydium suffered a $1.34 million exploit in its old AMM V3 program, affecting only inactive liquidity pools belonging to a protocol version discontinued since 2021. Current users were not affected. The project's treasury will cover the losses and the team has initiated a full security review of its active smart contracts. Despite the incident, the RAY token remained stable and advanced more than 2% after the announcement. Important notice This information is based on Raydium's official statement and on-chain reports published on June 11, 2026. It does not constitute investment advice. Always perform your own analysis before making any financial decision.

🔴Again hacked, Raydium just lost $1.34M from 5 old pools 📌Raydium confirms it will use the treasury to compensate the loss after an attacker exploited a vulnerability in the old AMM V3 program, which has been deprecated since 2021. The attack affected several inactive liquidity pools, including pairs such as RAY‑SOL, USDC‑RAY and SRM‑SOL. Approximately 150,000 RAY, 5,600 SOL and nearly 900,000 USDC were withdrawn. 📌The issue is not with the current Raydium product, but with legacy code that still exists on the chain; even though the protocol is continuously updated, the old smart contracts linked to assets still pose risk. 📌Raydium uses the treasury to cover the loss simply because the damage is relatively small, but what if the scale were larger? Current users are not directly affected, yet the anxiety about DeFi cannot disappear. 📌This year’s hack incidents will kill the already scarce trust in old DeFi protocols. DeFi will not change the world. The market needs a different story.

any deprecated smart contracts still holding a meaningful amount of assets are basically blackhat bounties at this point unless the contracts are immutable, teams should announce a liquidity transition plan to prevent unmaintained contracts from being exploited in the future

Today, Raydium got exploited through an old contract from 2021. Two days ago, Haedal also had a very similar issue related to an old contract that was no longer being used. This makes me think that the vulnerability recently discovered in zcash:native being from 2021 is actually normal now. There's a high chance it had simply never been exploited before. Because clearly, all of this seems related to AI. Only AI can realistically find things that humans have overlooked for years. If someone did find the zcash:native vulnerability and exploit it, I believe it probably happened recently rather than years ago.

The ghost pools got drained. Raydium lost $1.34 million today. But the attack was not on its main exchange. The attacker targeted 5 old liquidity pools that were stopped in 2021 but were never fully turned off. These contracts stayed onchain for more than 3 years without anyone monitoring them. The attacker found a weakness, got around the ownership checks, and drained all 5 pools. What happened: 
- $1.34M stolen
- 5 old pools affected
- No active users lost funds
- Contracts were left exposed for 3+ years The good news is that Raydium's main protocol was not affected, and its treasury is covering the losses. The bigger lesson is simple: Just because a contract is old or no longer used doesn't mean it is safe. Many DeFi projects have old contracts still running onchain after upgrades and migrations. Most people forget about them. Attackers don't. More and more exploits are happening in old and abandoned contracts rather than in active systems. In DeFi, the biggest risk is often not the code everyone is watching. It's the old code that nobody has checked in years.

NEWS: Raydium suffered a $1.34M exploit affecting deprecated liquidity pools. The protocol said losses will be fully covered by its treasury, with no impact on current users. https://t.co/jtHyAIgj3n

🚨Another day another exploit ☠️ @Raydium 💰Exploit size - $1.34M ⛓️On Solana 👇How it happened 🏦There was a old LP from Serum DEX era 💰Holding 1.34M 📄To withdraw assets, you're supposed to have LP token ☠️It has a bug, to withdraw it only check if user has LP but don't check whether the LPs were genuine 🤷Hacker found this bug 📄Created a fake LP & withdraw funds from liquidity pool 🌉Bridged funds to Ethereum 📤Exited using Tornado Cash 📆This bug existed since 2021 🐞But why did exploit happen today? 👀AI 🤔Wt do u think? Agreed? 💙Like 🔁RT