Monday 30 January 2023
Home / none / Raydium is attacked, loses $2M

Raydium is attacked, loses $2M

Solana-based decentralized finance protocol Raydium has suffered an exploit, according to a statement from the developer. An initial investigation by the team revealed that the attacker took over the exchange’s owner account. The team said that “authority” over the automated market maker and farm programs has been paused “for now.”

Twitter user and researcher ZachXBT reported that the attacker has bridged $2 million to Ethereum “so far.”

Around 2 p.m. UTC on Dec. 16, a Raydium admin account posted nearly 1,000 transactions to the Solana network.

Each transaction removed liquidity from Raydium without depositing a corresponding LP token, effectively seizing possession of liquidity providers’ funds. A variety of tokens were taken in the exploit, including US Dollar Coin (USDC), Wrapped SOL (wSOL), Raydium, and others.

Transactions from the admin wallet that was used in the attack. Source: Solscan.io

The exploit appears to have first been discovered by the Prism dev team. They posted a warning at 2:01 that an attacker was draining liquidity from Raydium without depositing and burning LP tokens. Prism warned its users to withdraw their Prism and USDC tokens from the exchange immediately.

40 minutes later, the Raydium team took to Twitter to confirm that the exchange had been hacked.

According to crypto auditing firm Ottersec, the attacker has drained funds by invoking the withdraw_pnl function on the contract, which is used by the developer to withdraw fees. The firm did not say whether this function can be used to withdraw all liquidity or only a small percentage from the pools.

Nansen Portfolio, a crypto analytics firm, has confirmed that the attacker drained over $2.2 million from the exchange.

At the time of writing, the Raydium team is still investigating the exploit and has not yet announced whether compensation will be offered to victims of the attack.

Admin account hacks have been a recurring problem in the crypto space recently. On Dec. 2, Ankr protocol’s deployer key was stolen, and the attacker used it to remove $5 million worth of BNB. Earlier in the year, the Ronin network bridge was hacked by similar means. In this case, the attacker ran off with over $600 million of crypto loot.

Ankr has since reimbursed victims, and Ronin developer Axie Infinity has pledged that it will do the same.

Original Article

About Jude Savage

Check Also

Solana price rally risks exhaustion after SOL’s 120% pump in two weeks

Solana (SOL) price is up an impressive 60% since the new year, partially boosted by hype surrounding meme cryptocurrency Bonk (BONK). However, the SOL/USD pair now shows signs of exhaustion, raising anticipations that the token may see a short-term correction in the coming days. Solana turns overboughtSolana is one of the best performing cryptocurrencies so far in 2023 after being one of the biggest losers in 2022. On Jan. 9, SOL's price jumped to as high as $19.50, or around 120% gains in a recovery rally after sliding below $8 on Dec. 29, 2022. But the price spik also turned Solana into an overbought asset, per its daily relative strength index (RSI) reading above 70, as shown below. SOL/USD daily price chart. Source: TradingViewTraditional investors typically see an overbought RSI as a potential sell signal, given the indicator has historically coincided with a period of buyer exhaustion. As a result, SOL's price could enter a correction or a sideways consolidation stag..

Leave a Reply

Your email address will not be published. Required fields are marked *