Raydium lost approximately $1.3 million in an exploit targeting five legacy liquidity pools on Solana. The attack exploited a validation flaw in retired automated market maker (AMM) code, allowing the attacker to drain funds using a fake mint address. Stolen assets included 150,177 RAY, 5,603 SOL, and 893,700 USDC. The attacker, initially funded via KuCoin, moved funds to Ethereum and funneled 810 ETH through Tornado Cash and 7 ETH to FixedFloat. Raydium confirmed that affected pools were deprecated with no active user interaction, and its treasury will fully cover losses. The RAY price remained stable, dropping less than 1% to ~$0.57, while SOL fell nearly 2% to ~$63.88. This incident highlights risks from dormant legacy code, even after retirement. Raydium faced a similar exploit in December 2022 involving active pools, which was resolved via governance vote.

Key facts

• Raydium lost $1.3M from five legacy liquidity pools on Solana.
• Attacker exploited a validation flaw in retired AMM code using fake mint address.
• Stolen assets: 150,177 RAY, 5,603 SOL, and 893,700 USDC.
• Funds moved to Ethereum; 810 ETH sent to Tornado Cash.
• Raydium treasury covers all losses; RAY price stable near $0.57.

KeyAudit data perspective