Raydium, a decentralized finance (DeFi) protocol hosted on the Solana (SOL) blockchain, has been affected by a hack currently estimated at $4.4 million. The protocol offered the hacker to keep 10% of the funds if he agreed to return the remaining 90%.
New hack on the Solana blockchain
Raydiuma decentralized finance (DeFi) protocol of the Solana Blockchain (SOL)suffered a hack estimated at 4.4 million dollars in the afternoon of yesterday. Based on the available information, it appears that a malicious individual has managed to obtain access rights to the affected cash.
These were on liquidity pools, reserves hosting 2 different cryptocurrencies in order to allow users of the protocol to swap against each other. This liquidity is itself provided by users of the protocol, who are rewarded with tokens for this.
An exploit on Raydium is being investigated that affected liquidity pools. Details to follow as more is known
⁰Initial understanding is owner authority was overtaken by attacker, but authority has been halted on AMM & farm programs for now
Attacker accnthttps://t.co/ZnEgL1KSwz— Raydium (@RaydiumProtocol) December 16, 2022
“An attack on Raydium is being investigated and is affecting liquidity pools. Details will follow as soon as we know more. Based on the available evidence, we believe the owner’s rights have been obtained by the attacker, but authority has been halted on the AMM and farming tools at this time. »
At the time of writing these lines, the hacker’s main wallet contains almost exclusively SOL and STSOL, a staked version of SOL obtained on the Lido protocol. The rest is scattered over different addresses.
Figure 1 – Overview of the contents of the hacker’s main wallet
👉 Read our tutorial to store and secure your cryptocurrencies
The best way to secure your cryptocurrencies 🔒
🔥 The world leader in crypto security
What we currently know
According to the latest thread from the Raydium teams, which claim that its keys are stored via a multisignature process (Squads Protocol in this case), the hack was allowed following an attack in the form of a Trojan horse. The hacker would then have had access to the “withdrawalPNL” function to collect transaction fees from the corresponding pools.
Various measures have been taken by Raydium to limit the damage, in particular an update of its master keys to hard wallets. Furthermore, the protocol has offered to the hacker to keep 10% of the funds if he agreed to return the resta compromise often proposed in order to avoid possible legal proceedings.
This is the second blow in a short time for the Raydium protocol, who had already been affected by the fall of FTX. Sure enough, at that time, it was revealed that the Serum Protocol (SRM) private keys were held on FTX, which sent a wave of panic over the affected projects, including Raydium.
Figure 2 – Overview of Total Value Locked (TVL) on Raydium from the fall of FTX to today
The price of the RAY token was only relatively unaffected, however, the latter showing a drop of around 12% over the last 24 hours. It is currently trading at $0.15.
This is the second attack involving administrator keys for the month of December. Indeed, 2 weeks ago, a hacker had introduced malicious code in a smart contract update in order to mint 6 quadrillion Ankr Reward Bearing Staked BNB (aBNBc) tokens on the Ankr protocol.
👉 Read also – Mazars: Binance and Crypto.com proof of reserves auditor stops its crypto activity
Progress in the world of cryptocurrencies with Cryptoast experts 📘
Source figure 2: DefiLlama
Newsletter 🍞
Receive a summary of crypto news every Monday by email 👌
What you need to know about affiliate links. This page presents assets, products or services relating to investments. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus by using our links.
Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.
AMF recommendations. There is no guaranteed high return, a product with high return potential involves high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose part of this savings. Do not invest if you are not ready to lose all or part of your capital.
To go further, read our Financial Situation, Media Transparency and Legal Notices pages.
Passionate about the world of decentralized finance and the novelties brought by Web 3.0, I write articles for Cryptoast to help make the blockchain more accessible to everyone. Convinced that cryptocurrencies will change the future very soon.
Maximilien Prue
511 items
