Finst

Raydium on Solana Hit by $1.34 Million Exploit

The attack hit outdated liquidity pools, while Raydium says current users were not directly affected. The protocol is covering the losses from its own treasury.

By Luc Vesters
• 2 min read
Raydium on Solana Hit by $1.34 Million Exploit

Key Takeaways

  • Raydium on Solana was hit by an exploit that drained more than $1.34 million.
  • The attack targeted five outdated liquidity pools from an old AMM version; current users were not directly affected.
  • Raydium says it will cover the losses from its own treasury and says the legacy program, not the current mainnet programs, was affected.

The decentralized exchange Raydium on the Solana network was hit on Wednesday by an exploit that drained more than $1.34 million. The attack targeted five outdated liquidity pools from an older version of Raydium’s automated market maker (AMM) program. While the exploit caused major losses, current users were not directly affected, since these pools have been phased out since 2021 and are not accessible through the user interface.

Details of the Exploit and Impact

The attacker managed to bypass the validation logic of the outdated AMM program and was able to mint new liquidity provider tokens. That led to about $900,000 being drained in USDC, $357,000 in Solana (SOL), and $86,000 in Raydium’s own token, RAY. The company said it will reimburse these losses from its own treasury. According to a pseudonymous Raydium employee known as 0xInfra, there was no key compromise or authorization-level issue. The exploit only affects the legacy program, and Raydium’s current mainnet programs prevent this kind of vulnerability.

Broader View on DeFi Security

This attack fits into a broader trend of rising vulnerabilities across DeFi protocols. Earlier this year, KelpDAO and Drift Protocol were among the projects hit by exploits that caused losses of nearly $300 million. The fast growth of the Solana network, which is popular for its high transaction speed and low fees, also brings security challenges. Raydium itself has dealt with an exploit before, in December 2022, when about $4.4 million was stolen after an attack on the admin keys. Since then, several security audits have been carried out to improve platform safety.

Why This Matters for European Crypto Users

For European users, this incident highlights the importance of staying careful when using DeFi platforms, especially older or less-maintained protocols. Even though Raydium is handling the damage internally and the exploit did not directly affect current users, it shows the risks that can come from outdated code and legacy systems within fast-moving blockchain ecosystems like Solana. That could matter for European investors and developers who are active in DeFi and blockchain innovation.

Disclaimer: This content is for informational purposes only and does not constitute financial, investment, legal, or tax advice. The information provided may be incomplete, inaccurate, or outdated and should not be relied upon as such. Nothing on this website should be considered a recommendation to buy, sell, or hold any cryptocurrency. Investing in crypto-assets involves risk of loss.