Subscribe

    Raydium is attacked, loses USD 2 million

    MatthewBy No Comments4 Mins Read
    Raydium is attacked, loses USD 2 million

    The decentralized finance protocol Raydium, based on Solana, has suffered an attack, according to a statement from the developer. An initial investigation by the team revealed that the attacker gained control of the exchange owner’s account. The team said “authority” over the automated market maker and farming programs have been put on hold “for now.”

    An exploit in Raydium that affected liquidity pools is being investigated. Details to follow as more is known

    Initially it is understood that the owner’s authority was overridden by the attacker, but authority has stopped at AMMs and farming programs for now.
    attacker account

    Twitter user and researcher ZachXBT reported that the attacker has transferred $2 million to Ethereum “so far”

    Around 2 pm UTC on December 16, a Raydium manager account posted almost 1,000 transactions on the Solana network.

    Each transaction withdrew liquidity from Raydium without depositing the corresponding LP token, thereby seizing funds from liquidity providers. Various tokens were stolen in the attack, such as US Dollar Coin (USDC), Wrapped SOL (wSOL), Raydium and others.

    Transactions from the management wallets that were used in the attack. Source: Solscan.io

    The exploit appears to have been first discovered by the Prism development team. They posted a warning at 2:01 that an attacker was draining Raydium’s liquidity without depositing or burning LP tokens. Prism has warned its users to remove their Prism and USDC tokens from the exchange immediately.

    It seems that a wallet is draining LP Pools from Raydium liquidity pools using admin wallet as signer without holding/burning LP tokens.

    We removed the liquidity of the PRISM/USDC pair provided by the Raydium protocol

    WITHDRAW YOUR PRISM/USDC LIQUIDITY FROM RAYDIUM

    40 minutes later, the Raydium team took to Twitter to confirm that the exchange had been hacked.

    According to cryptocurrency auditing firm Ottersec, the attacker has drained the funds invoking the contract’s withdraw_pnl function, which is used by the developer to withdraw commissions. The firm did not specify if this function can be used to withdraw all the liquidity or only a small percentage of the funds.

    Nansen Portfolio, a cryptocurrency analytics firm, has confirmed that the attacker drained more than $2.2 million from the exchange.

    As of this writing, the Raydium team is still investigating the exploit and has not yet announced whether compensation will be offered to the victims of the attack.

    Admin account hacks have been a recurring problem in the crypto space recently. On December 2, the Ankr protocol deployment key was stolen and the attacker used it to withdraw $5 million worth of BNB. At the beginning of the year, the Ronin network bridge was hacked by similar means. In this case, the attacker fled with loot of more than $600 million in cryptocurrency.

    Ankr has since reimbursed victims, and Ronin developer Axie Infinity has promised to do the same.

    Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.

    Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.

    Related Posts

    Add A Comment

    Leave a Reply