Solana DeFi Exchange Raydium Hacked for Over $2 Million

It’s been a rough holiday season for Solana.

After struggling to recover from debilitating damage wrought on the network by the stunning downfall of one of its most prominent backers, disgraced FTX founder Sam Bankman-Fried, Solana has now suffered a significant hack to one of its largest DeFi protocols.

Early Friday, Solana DeFi protocol Raydium announced that a hacker had managed to overtake the organization’s “owner authority,” and used that access to begin draining Raydium’s liquidity pools. DeFi tools allow users to trade, borrow, and lend crypto assets among each other, without third-party intermediaries. And automated market makers like Raydium accomplish this by allowing users to contribute assets to a pool, often in exchange for token rewards.

An exploit on Raydium is being investigated that affected liquidity pools. Details to follow as more is known

⁰Initial understanding is owner authority was overtaken by attacker, but authority has been halted on AMM & farm programs for now
Attacker accnthttps://t.co/ZnEgL1KSwz

— Raydium (@RaydiumProtocol) December 16, 2022

Within hours today, a hacker stole over $2.2 million worth of digital assets from such a pool on Raydium, including $1.6 million worth of SOL, according to analysis from blockchain analytics firm Nansen.

The wallet draining LP Pools from Raydium liquidity pools has received over $2.2M now, including $1.6M $SOL

Track here: https://t.co/IQedsOstPE pic.twitter.com/OAQJgaq5Mc

— Nansen Portfolio (@nansenportfolio) December 16, 2022

The hacker appears to have pulled off the attack by using one of the protocol owner’s private keys. It remains unclear how the hacker accessed that information.

Raydium is one of Solana’s largest decentralized finance protocols, and is considered one of the cornerstones of the Solana DeFi ecosystem. The fact that it was vulnerable to such a top-down method of exploitation led many in the Raydium community to advise withdrawing from the protocol entirely.

🚨🚨🚨🚨🚨
There seems to be a wallet is draining LP Pools from Raydium liquidity pools using admin wallet as a signer without having/burning LP tokens.

We withdrew protocol provided PRISM/USDC liquidity from Raydium

WITHDRAW YOUR PRISM/USDC LIQUIDITY FROM RAYDIUM

— PRISM (@prism_ag) December 16, 2022

In the minutes following the hack, Raydium’s native token RAY fell just over 8% to $0.16 at writing, according to CoinGecko. Total value locked on the protocol has plummeted over 27% in the same period, to $34.73 million at writing, according to DeFi Llama.

The exploit comes just a month after several wallets belonging to FTX, then in the throes of collapse, were drained of $650 million in digital assets. Bankman-Fried later claimed the attack, while not his doing, was potentially the work of a former FTX employee. Bankman-Fried was arrested on Monday for eight criminal charges including conspiracy, wire fraud, and money laundering.

In the days following FTX’s collapse, it was revealed that the private keys to Solana decentralized exchange and liquidity provider Serum—co-founded by Bankman-Fried himself—were housed on FTX. Given that Serum was integrated with almost every major Solana DeFi project, including Raydium, the news spread panic across the entire network. Raydium and a number of other protocols rushed to cut ties to Serum, and then jumpstart a fork of the project untainted by the FTX fallout.

Friday’s Raydium hack, while not necessarily linked to Serum or FTX, indicates that Solana’s worries are far from over.

Just when we think #Solana can't get worse, it finds a way to surprise us!

— Helin ULKER (@beautyofhelin) December 16, 2022

Solana DeFi Exchange Raydium Hacked for Over $2 Million

The attacker appears to have used the protocol’s own private keys to drain liquidity pools. It’s unclear how they got them.

Stay on top of crypto news, get daily updates in your inbox.

Coin Prices

Stay on top of crypto news, get daily updates in your inbox.