Solana-based decentralized exchange (DEX) Raydium suffered a $1.34 million exploit on Wednesday, affecting five deprecated liquidity pools from its legacy automated market maker (AMM) program. The attacker, identified by a Solana address ending in "Bq33QVk," bypassed validation logic in the deprecated program to mint new liquidity provider tokens and drain funds, including nearly $900,000 in USDC, $357,000 in SOL, and $86,000 in RAY tokens. Raydium contributor 0xInfra stated that no current users were affected, as the pools were phased out and inaccessible via the user interface. The firm plans to reimburse the stolen funds from its treasury. The incident adds to a growing list of DeFi exploits and vulnerability discoveries, some aided by AI tools. While no AI involvement is confirmed in this case, analysts note AI's role in automating security audits. Notably, the exploit occurred shortly after Anthropic released an upgraded cybersecurity AI model. Raydium's native token RAY fell 2% in 24 hours, trading at $0.567, down 96.6% from its all-time high.

Key facts

• Raydium lost $1.34M due to an exploit on five deprecated liquidity pools.
• The attacker bypassed validation logic to mint LP tokens and drain funds.
• No current users were affected; stolen funds will be repaid from treasury.
• Exploit follows a trend of increasing DeFi hacks and AI-assisted discoveries.
• RAY token dropped 2% in 24 hours, trading at $0.567.

KeyAudit data perspective