Raydium exploit losses will be reimbursed after attackers drained about $1.3 million from five legacy liquidity pools on Solana. The protocol said active pools were not affected. It also said current users faced no direct impact from the reported incident.
Blockchain security firm PeckShield and on-chain investigator Specter said the attack targeted retired automated market maker infrastructure. The affected pools were tied to Raydium’s earlier AMM design and were no longer used by active pools. Raydium said the assets would be covered by its treasury.
Also Read: Ethereum Exchange Balances Fall to Record Low of 14.5 M ETH
Raydium Exploit Linked to Old AMM Infrastructure
According to Specter, the exploit involved a forged mint address that the attacker leveraged to exploit a validation loophole in the dormant pools. Thus, the hacker exploited a flaw in the old infrastructure of Raydium instead of exploiting the platform’s trading mechanism.
The hacker stole around 150,177 RAY tokens, 5,603 SOL, and 893,700 USDC. Specter stated that the initial source of the funds for the attacker was KuCoin. These funds were then moved to Ethereum.
Regarding the attack, Raydium confirmed that the vulnerable pools were in a deprecated Raydium program where there is no active user involvement. Also, the treasury of Raydium would make up for any asset that was compromised.
As a result, the losses incurred from the Raydium exploit will not be suffered by users who are still exposed to the pools.
PeckShield discovered some of the assets that were stolen after they were transferred from Solana to Ethereum. According to the company, 810 ETH was sent to Tornado Cash, while 7 ETH was moved to FixedFloat.
PeckShield Tracks Raydium Exploit Funds on Ethereum
The utilization of Tornado Cash will make it hard for investigators to trace down the assets. Tornado Cash was delisted from the sanction list of the U.S. Treasury Department in March 2025. PeckShield identified the fund transfer as part of their investigations regarding the Raydium exploit funds.
The incident adds to broader concerns about dormant code across decentralized finance. Token of Power had another exploit this week, which saw over $1.5 million worth of money withdrawn from a liquidity pool using balance manipulation on tokens and withdrawing WETH.
Raydium had handled compensation before after a December 2022 security breach, causing a loss of money in active liquidity pools through admin key compromise. The governance proposal later decided to compensate the users by buying back tokens and utilizing the vested tokens of the team.
The current compensation procedure of Raydium regarding this exploit involves a familiar path, despite having different systems affected. It is still under investigation, but preliminary results of PeckShield and Specter showed that the Raydium exploit was limited to outdated software infrastructure.
Also Read: Cardano Dormant Wallet Activity Reaches 2-Month High
