‘No current users affected’ – Raydium responds after $1.34mln exploit
How did an attacker take advantage of a program that Raydium had abandoned years before?
Another day, another exploit.
On the 10th of June, Solana-based decentralized exchange [DEX] Raydium discovered a coding flaw in its legacy AMM V3 program. The vulnerability allowed an attacker to drain funds from several deprecated liquidity pools.
For background, the AMM V3 was a program that Raydium ceased to use in 2021 and was no longer available via the SDK, user interface, or current dApp. By taking advantage of a flaw, an attacker took out roughly $1.34 million in cryptocurrency from five pools.
Pools and tokens compromised
According to preliminary estimates, the attacker drained approximately 150,177 Raydium [RAY], 5,603 Solana [SOL], and nearly 893,700 USDC from the impacted pools.
This included RAY-SOL, USDC-RAY, and SRM-RAY, Sollet USDT-RAY, and Sollet ETH-RAY pairs. PeckShield also tracked down seven Ethereum [ETH] that were deposited to FixedFloat and 810 ETH to Tornado Cash.
Still, assuring the community, Raydium took to X and noted,
No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation.
What was the main cause behind this attack?
Raydium claims that the flaw was caused by the legacy program’s inadequate validation of LP (liquidity provider) token mints.
That said, the attacker was able to produce a phony LP token because the contract did not sufficiently validate LP token mints. As a result, the exploiter withdrew money from the impacted pools and got around proportional ownership checks.
The problem, Raydium stressed, was limited to the deprecated AMM V3 codebase and was not caused by a compromised admin authority, private key, or protocol-wide security breach.
The current mainnet programs for the protocol now use a different architecture that protects them from this kind of attack by using virtual supply mechanisms and verifying LP mints.
Therefore, neither current liquidity pools nor active Raydium users were affected. The protocol also said that all losses resulting from the exploit will be fully reimbursed through Raydium’s treasury.
Along with that, a more thorough security review of all mainnet programs is also being conducted.
Impact on price and more
Interestingly, despite the exploit, RAY’s price action was at $0.5815 following a 2.08% increase over the previous day. The 8% weekly drop and the 30% monthly drop, however, continue to raise concerns.
This coincided with another exploit in which the attacker gained control of administrative bridge permissions, depleting 141 million H tokens on Ethereum.
Additionally, security researchers discovered that another exploiter withdrew approximately $1.5 million in WETH from an Ethereum balancer liquidity pool through a governance takeover attack.
Altogether, the total amount of money stolen in 2026 has risen to $795.3 million, with April seeing the most breaches.
Final Summary
- The wrongdoer drained approximately 150,177 RAY, 5,603 SOL, and nearly 893,700 USDC from the impacted pools.
- RAY’s price still remained unaffected, spiking by over 2% in the past 24 hours.
