Five deprecated liquidity pools from Solana-based decentralized exchange Raydium were exploited on Wednesday, leading to more than $1.34 million in stolen funds.
The exploit impacted the firm’s legacy automated market maker program and led to the loss of Solana (SOL), as well as dollar-backed stablecoin USDC and the exchange’s native token, RAY.
“No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation,” posted pseudonymous Raydium contributor 0xInfra on X.
The exploiter, who has a Solana address ending in “Bq33QVk,” was able to bypass validation logic in the deprecated program and mint new liquidity provider tokens. In total, the attacker made off with nearly $900,000 in USDC, approximately $357,000 in SOL, and $86,000 worth of RAY. It will be repaid using the firm's treasury.
The firm’s existing mainnet programs prevent this type of vulnerability, according to 0xInfra, who highlighted that this was not due to a “a key compromise or authority-level issue.”
The exploit extends a growing list of recent vulnerabilities discovered in crypto networks and decentralized finance (DeFi) protocols of late.
In April, KelpDAO and Solana-based Drift Protocol each suffered exploits that affected just shy of $300 million in funds, respectively.
Last week, privacy network Zcash saw its native token crash more than 40% in 24 hours after developers disclosed that a security researcher used a frontier AI model to discover a four-year-old vulnerability that affected one of its privacy pools.
Although there is no evidence yet that AI was used in the Raydium exploit, analysts told Decrypt in May that AI is transforming exploit discovery by “automating what skilled auditors do.”
Furthermore, the exploit took place just one day after private AI firm Anthropic released an upgraded version of Mythos, its cybersecurity-focused that it claims has “unprecedented cybersecurity capabilities.” Anthropic also released a neutered, publicly available version called Claude Fable 5, which has drawn criticism for how much it has been hobbled.
Amid the incident, Raydium’s native token is down around 2% in the last 24 hours, recently changing hands at $0.567. The token has fallen around 13% in the last week of trading amid a broader market rout, and is now 96.6% off its all-time high of $16.83.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
