Raydium, a leading decentralized exchange on the Solana blockchain, suffered a 1.34 million dollar exploit targeting its legacy Automated Market Maker V3 program. The attack drained deprecated liquidity pools that had been inactive since 2021.
Hackers exploited a logic flaw in the liquidity provider mint validation process, siphoning approximately 150,000 RAY tokens, 5,600 SOL, and nearly 894,000 USDC. Blockchain analysis traces the attacker's initial funding to the KuCoin exchange, with stolen funds subsequently laundered through the sanctioned Tornado Cash mixer.
No active users or current Raydium interfaces were compromised. The platform confirmed it will fully reimburse the affected deprecated pools directly from its treasury. Raydium is now conducting a comprehensive security audit of all mainnet programs to prevent future vulnerabilities.