Things fell apart this year for Solana-based projects just when it seemed that Solana was recovering from the trauma of the FTX collapse and the Serum hack. The Raydium hack came as a surprise to everyone.
Last Friday, Raydium brought terrible news to the crypto community when it announced that the protocol had been hacked.
The hacker took control of the protocol's admin private key and used it to drain the liquidity pools. How the hacker obtained the private key remains a mystery.
Let’s dive into Raydium and how hackers exploited the protocol.
Raydium Protocol, an order book AMM (Automated Market Maker) on the Solana [SOL] network, was hacked on 16 December. Reportedly, the hacker extracted funds from various Raydium liquidity pools without owning or burning any LP tokens.
How the Hack Occurred
Raydium announced on Twitter that it had been hacked and that a security investigation had started to determine how the hack occurred and to recover the funds siphoned by the hacker.
According to Raydium, the attacker gained access to the pool owner's account and then used the withdrawal PNL function, which is used to collect trading fees earned by swaps in pools.
The hacker additionally changed the SyncNeedTake parameters for quote and base tokens in the compromised pool to modify expected fees and withdraw those amounts.
SOL-USDC, SOL-USDT, RAY-USDC, and RAY-USDT were among the nine pools affected, with a total loss of approximately $4.395 million.
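The following fee-reconciliation check is an added example, not code from Raydium or from this article. It flags the pattern described above: an expected-fee parameter set higher than the fees swaps actually earned, and a PNL withdrawal larger than those fees. The event format, field names and values are constructed assumptions; only the SyncNeedTake parameter and the PNL withdrawal come from the description above.

```python
from collections import defaultdict

# Constructed sample events (hypothetical format, not Raydium's on-chain layout).
EVENTS = [
    {"slot": 1, "pool": "SOL-USDC", "token": "quote", "type": "swap", "fee": 120},
    {"slot": 2, "pool": "SOL-USDC", "token": "quote", "type": "swap", "fee": 80},
    {"slot": 3, "pool": "SOL-USDC", "token": "quote", "type": "withdraw_pnl", "amount": 200},
    {"slot": 4, "pool": "SOL-USDC", "token": "quote", "type": "swap", "fee": 50},
    {"slot": 4, "pool": "RAY-USDT", "token": "base", "type": "swap", "fee": 30},
    {"slot": 5, "pool": "SOL-USDC", "token": "quote", "type": "set_need_take", "value": 500000},
    {"slot": 6, "pool": "SOL-USDC", "token": "quote", "type": "withdraw_pnl", "amount": 500000},
    {"slot": 7, "pool": "RAY-USDT", "token": "base", "type": "withdraw_pnl", "amount": 30},
]


def audit_pool_events(events):
    """Return (slot, pool, token, reason, excess) for each fee anomaly.

    Invariant checked: fees leaving a pool through the PNL withdrawal must
    never exceed the fees that swaps accrued since the previous withdrawal,
    and an admin-set expected-fee value must not exceed that figure either.
    """
    accrued = defaultdict(int)  # (pool, token) -> swap fees not yet withdrawn
    alerts = []
    for ev in sorted(events, key=lambda e: e["slot"]):
        key = (ev["pool"], ev["token"])
        if ev["type"] == "swap":
            accrued[key] += ev["fee"]
        elif ev["type"] == "set_need_take":
            # Admin override of the expected fee: compare with observed fees.
            excess = ev["value"] - accrued[key]
            if excess > 0:
                alerts.append((ev["slot"], *key, "need_take_above_accrued", excess))
        elif ev["type"] == "withdraw_pnl":
            excess = ev["amount"] - accrued[key]
            if excess > 0:
                alerts.append((ev["slot"], *key, "withdrawal_above_accrued", excess))
            # Whatever was withdrawn is no longer outstanding.
            accrued[key] = max(0, accrued[key] - ev["amount"])
    return alerts


if __name__ == "__main__":
    for alert in audit_pool_events(EVENTS):
        print(alert)
```

Because the check reconciles against fees derived from the swaps themselves, it does not depend on the admin key being uncompromised.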
Reactions of Twitter Crypto Community
Nansen tweeted that there was unusual activity going on in Raydium.
“The wallet-draining LP Pools from Raydium liquidity pools have received over $2.2M now, including $1.6M $SOL.”
Prism also tweeted about the Raydium hack and encouraged people to withdraw their PRISM/USDC liquidity from Raydium.
ZachXBT tweeted that about $2 million of the hacker's stolen funds had been bridged to Ethereum and deposited into Tornado Cash for safe withdrawal. ZachXBT's finding was in line with what Nansen said on Twitter.
DefiLlama revealed that Raydium still has a Total Value Locked (TVL) of $30.8 million.
Arkham, a crypto-intelligence provider, declared earlier that the Solana account had already drained multiple liquidity pools on Raydium. It recommended withdrawing funds from Raydium as soon as possible.
Raydium Released a Bug Bounty
Raydium stated that if the attacker returns the funds, there will be a 10% white-hat bug bounty.
The attacker is invited to contact the victim through the usual channels or at the following address: 0x6d3078ED15461E989fbf44aE32AaF3D3Cfdc4a90
Solana blockchain projects and protocols have been among the targets of hackers in 2022. The Solana ecosystem suffered not only from price decline but also from hacks, including the Wormhole Bridge hack, the Mango hack and the Serum hack, and as a result the Solana blockchain has continued to lose public trust.
This year has not been favourable for DeFi as hackers brought losses upon many protocols.