Overview
- Raydium disclosed Wednesday that five deprecated AMM V3 liquidity pools were drained for about $1.34 million and said no current users or active pools were affected.
- On-chain analysts reported the stolen assets included roughly 150,177 RAY, 5,603 SOL, and about 893,700 USDC taken from Sollet USDT–RAY, Sollet ETH–RAY, SRM–RAY, USDC–RAY, and RAY–SOL pools.
- Investigators determined the attacker created a fake LP token mint to bypass the program’s proportion checks, exploiting insufficient LP-mint validation in the legacy AMM V3 code.
- Tracing firms linked the exploiter to initial funding from KuCoin, a bridge from Solana to Ethereum, and the routing of about 810 ETH into Tornado Cash with smaller transfers to FixedFloat, which makes recovery uncertain.
- Raydium has pledged full reimbursement from its treasury and launched a comprehensive mainnet security review, highlighting a wider risk that deprecated on-chain contracts can remain callable unless explicitly drained or disabled.