According to the developer’s statement, the Solana-based decentralized finance protocol Raydium is subject to an exploit. left. The team’s initial investigation revealed that the attacker had hijacked the exchange owner’s account. The team said “authority” over automated market maker and farm programs is currently on hold.
Twitter user and researcher ZachXBT says the attacker has bridged $2 million to Ethereum so far. reported.
An exploit on Raydium is being investigated that affected liquidity pools. Details to follow as more is known
⁰Initial understanding is owner authority was overtaken by attacker, but authority has been halted on AMM & farm programs for now
— Raydium (@RaydiumProtocol) December 16, 2022
A Raydium administrator account will send approximately 1,000 transactions to the Solana network on December 16 at 17:00. sent.
Each transaction removed liquidity from Raydium without depositing a corresponding LP token, effectively confiscating the funds of the liquidity providers. Various tokens were seized in the exploit, including USDC, Wrapped SOL (wSOL), Raydium, and others.
Transactions made from the admin wallet used in the attack. Source: Solscan.io
The exploit appears to have been first discovered by the Prism development team. The team first issued a warning that an attacker was withdrawing liquidity from Raydium without depositing and burning LP tokens. Prism advises users to immediately withdraw Prism and USDC tokens from the exchange. warned.
The Raydium team also took to Twitter shortly after to confirm it was hacked.
According to crypto audit firm Ottersec, the cyber attacker exhausted the funds by calling the withdraw_pnl function on the contract used by the developer to withdraw the fees. The firm did not share details on whether this functionality could be used to withdraw all liquidity from pools or just a small percentage.
Crypto analytics firm Nansen Portfolio said the attacker withdrew more than $2.2 million from the exchange. confirmed. The Raydium team is still investigating the abuse at the time of publication, and it is not yet clear whether compensation will be offered to the victims of the attack.
You May Be Interested: Ankr Protocol has been hacked into billions of dollars!
Administrator account attacks seem to have become a common problem in the crypto industry lately. The distribution key of the Ankr protocol was stolen on December 2, and the attacker used it to remove $5 million worth of BNB. The Ronin network bridge was hacked in similar ways earlier in the year, and the attacker disappeared with over $600 million in crypto.
Ankr has since refunded its affected users, and Ronin developer Axie Infinity has promised to do the same.