Raydium Suffers $1.34M Loss as Hacker Exploits Legacy Code Vulnerability

Raydium has faced another security breach, with a hacker exploiting a vulnerability in its legacy AMM V3 program to drain $1.34 million from five liquidity pools that had been deprecated since 2021.

The attack targeted code from 2021 and used a self-contained logic flaw to generate fraudulent ownership receipts. This allowed the attacker to trick the legacy smart contract into treating them as a legitimate liquidity provider, enabling a full withdrawal of pool assets.

According to PeckShieldAlert, the attacker's wallet was initially funded through KuCoin, and after draining the pools on Solana, they bridged the stolen funds to Ethereum via deBridge. The bulk of the haul was then deposited into Tornado Cash, a mixing protocol frequently used to obscure transaction origins.

The Raydium team has confirmed that it is aware of the unauthorized liquidity removal and committed to covering losses. However, the leadership has not disclosed exactly how and when affected liquidity providers will be reimbursed.