After struggling to recover from debilitating damage wrought on the network by the stunning downfall of one of its most prominent backers, disgraced FTX founder Sam Bankman-Fried, Solana has now suffered a significant hack to one of its largest DeFiDeFi protocols.
Early Friday, Solana DeFi protocol Raydium announced that a hacker had managed to overtake the organization’s “owner authority,” and used that access to begin draining Raydium’s liquidityliquidity pools. DeFi tools allow users to trade, borrow, and lend crypto assets among each other, without third-party intermediaries. And automated market makers like Raydium accomplish this by allowing users to contribute assets to a pool, often in exchange for token rewards.
An exploit on Raydium is being investigated that affected liquidity pools. Details to follow as more is known
⁰Initial understanding is owner authority was overtaken by attacker, but authority has been halted on AMM & farm programs for now Attacker accnthttps://t.co/ZnEgL1KSwz
Within hours today, a hacker stole over $2.2 million worth of digital assets from such a pool on Raydium, including $1.6 million worth of SOL, according to analysis from blockchain analytics firm Nansen.
The wallet draining LP Pools from Raydium liquidity pools has received over $2.2M now, including $1.6M $SOL
The hacker appears to have pulled off the attack by using one of the protocol owner’s private keys. It remains unclear how the hacker accessed that information.
Raydium is one of Solana’s largest decentralized finance protocols, and is considered one of the cornerstones of the Solana DeFi ecosystem. The fact that it was vulnerable to such a top-down method of exploitation led many in the Raydium community to advise withdrawing from the protocol entirely.
🚨🚨🚨🚨🚨 There seems to be a wallet is draining LP Pools from Raydium liquidity pools using admin wallet as a signer without having/burning LP tokens.
We withdrew protocol provided PRISM/USDC liquidity from Raydium
In the minutes following the hack, Raydium’s native token RAY fell just over 8% to $0.16 at writing, according to CoinGecko. Total value locked on the protocol has plummeted over 27% in the same period, to $34.73 million at writing, according to DeFi Llama.
The exploit comes just a month after several wallets belonging to FTX, then in the throes of collapse, were drained of $650 million in digital assets. Bankman-Fried later claimed the attack, while not his doing, was potentially the work of a former FTX employee. Bankman-Fried was arrested on Monday for eight criminal charges including conspiracy, wire fraud, and money laundering.
In the days following FTX’s collapse, it was revealed that the private keys to Solana decentralized exchange and liquidity provider Serum—co-founded by Bankman-Fried himself—were housed on FTX. Given that Serum was integrated with almost every major Solana DeFi project, including Raydium, the news spread panic across the entire network. Raydium and a number of other protocols rushed to cut ties to Serum, and then jumpstart a fork of the project untainted by the FTX fallout.
Friday’s Raydium hack, while not necessarily linked to Serum or FTX, indicates that Solana’s worries are far from over.
Just when we think #Solana can't get worse, it finds a way to surprise us!
The price of several tokens tied to Ethereum-based projects in decentralized finance, or DeFi, spiked on Tuesday after the Securities and Exchange Commission signaled that it’s taking steps internally to become more accommodative of the emergent subsector.
Ethereum was recently changing hands around $2,700, an 7.2% increase over the past day, according to crypto data provider CoinGecko. Uniswap, Aave, and Sky, were up 23%, 16%, and 15% respectively, rising to $8, $305, and $0.90.
On Monday, SEC...
Layer 1 blockchain and smart contract ecosystem Nibiru has launched Block Party, a points program designed to reward real user participation across its DeFi ecosystem.
Participants can earn Aura by interacting with applications on Nibiru EVM through trading, liquidity, lending, or quests.
WEN? 🔥 Introducing Nibiru Block Party launching this summer, a points program rewarding you with Aura for swaps, liquidity, lending & quests powered by @merkl_xyz and @galxe 🧵 pic.twitter.com/uDAnrohiYC
— Ni...
Curve Finance founder Michael Egorov told Decrypt that "for-hire" hackers are coordinating cross-platform attacks, making it increasingly difficult to secure DeFi projects.
One example is the DNS attack on Curve Finance last month. The decentralized finance protocol's front-end website was compromised, allowing attackers to redirect users to a malicious site.
"Different hackers could coordinate efforts across platforms, compromising them at the same time for greater impact and profit," Egorov to...
