Solana news: Raydium DEX Exploit: $1.34 Million Lost Due to Legacy AMM Vulnerability
Raydium DEX Exploit Overview
Raydium, a decentralised exchange (DEX) operating on the Solana blockchain, reported a security breach involving its legacy automated market maker (AMM) V3 programme. The exploit resulted in the loss of approximately $1.34 million, affecting pools containing RAY, SOL, and USDC tokens.
Details of the Exploit
The attacker exploited a weakness in the validation of liquidity provider (LP) mints within the retired AMM V3 programme. By creating a new mint and using it as the LP token, the attacker bypassed checks designed to regulate asset accounting in Raydium pools. This allowed unauthorised withdrawals from RAY-SOL, USDC-RAY, and SRM-RAY pools.
Funds Movement and Response
Blockchain analysis by PeckShield revealed that the stolen funds were laundered across multiple blockchains. Notably, 810 ETH was sent to Tornado Cash, and 7 ETH to FixedFloat. Raydium confirmed that the affected AMM V3 programme was phased out in 2021 and is no longer accessible via its current user interface. The platform emphasised that current programmes remain unaffected and ongoing security reviews are underway.
Why This Matters for Solana and UK Users
This incident underscores the importance of robust security practices for DeFi protocols on Solana, especially as the UK market continues to explore decentralised finance opportunities. UK users and developers should remain vigilant regarding legacy contract vulnerabilities and prioritise platforms with active security audits.
- Raydium lost $1.34 million due to legacy AMM vulnerability
- Funds were laundered via Ethereum-based mixers
- Current Raydium programmes are unaffected
Ongoing Security and Best Practices
Raydium's response highlights the necessity for continuous security reviews and deprecation of outdated smart contracts. For UK-based DeFi participants, this event serves as a reminder to assess the security posture of platforms before engaging in liquidity provision or trading.
