Trusted

Raydium Protocol Suffers A $2M Liquidity Pool Attack

2 mins
Updated by Paolo Besabella
Join our Trading Community on Telegram

In Brief

  • Raydium was hit by a significant attack on its liquidity pool on Friday.
  • The Solana-based protocol has since published the affected wallets and funds.
  • A “white-hat bug bounty” of 10% has been offered to the attacker if they return the stolen assets.
  • promo

DeFi protocol Raydium was the victim of a liquidity pool exploit on Friday. The attack appears to have compromised approximately $2M in funds.

Their initial understanding is that the attacker took over the exchange’s admin account. The Solana-based protocol says that “authority” over automated market maker and farm programs has now been temporarily frozen.

After these events, Raydium has since published a list of affected wallets.

Also ,the suspicious activity began when a Raydium admin account removed significant liquidity from the protocol. In total, there were almost 1,000 transactions on the Solana network that did not replace it with the necessary LP token.

Prism Identified The Attack

In essence, this means the liquidity provider’s funds were stolen. Potentially risking the viability of the protocol. The assailant took a variety of tokens, including US Dollar Coin (USDC), Wrapped SOL (wSOL), and Raydium.

Fortunately, the Prism team was able to quickly identify the attack. At 14:01 UTC, they alerted the community that someone was draining liquidity from Raydium without properly storing or burning LP tokens.

In response, Prism immediately issued a warning to its users to withdraw their Prism and USDC tokens from the decentralized exchange as a precautionary measure. Overall, the team’s quick action and communication helped mitigate the potential impact of the attack.

Following these, Raydium confirmed the attack at 14:41 UTC.

The “Post-Mortem”

According to the protocol’s official Twitter account, Raydium is investigating alongside teams from Solana and third-party auditors. As of 21:12 UTC, Raydium have implemented a patch covering their vulnerability. 

In the wake of the attack becoming public, the protocol has promptly taken action by revoking the previous owner privileges and replacing “all program accounts with new hard wallet accounts.” Additionally, the protocol has reassured users that it has effectively neutralized the attacker’s threat to the liquidity of the system. Overall, the protocol has taken swift and decisive action to protect its users and restore confidence in the system.

Raydium has invited the perpetrator to return all funds in return for a “white-hat bug bounty”. The attacker can make contact through the “normal channels” or via the address:

0x6d3078ED15461E989fbf44aE32AaF3D3Cfdc4a90

Top crypto projects in the US | November 2024
Coinrule Coinrule Explore
Coinbase Coinbase Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinrule Coinrule Explore
Coinbase Coinbase Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Frame-2298.png
Josh Adams
Josh is a reporter at BeInCrypto. He first worked as a journalist over a decade ago, initially covering music before moving into politics and current affairs. Josh first owned Bitcoin in 2014 and has followed the space ever since. He is particularly interested in Web3 adoption, policy and regulation, CBDCs, privacy, and the future of the metaverse.
READ FULL BIO
Sponsored
Sponsored