16 Dec 2022
$2 Million Solana Protocol Raydium Hack
After Serum, another Solana-based DEX has had its administrator key compromised.
They stole over $2 million from Raydium, a Solana decentralized exchange (DEX). Raydium claims the hacker appears to have used the admin address of the exchange to launch the attack. While acknowledging the hack on Twitter, Raydium stated that further investigation was needed.
It provided a link to the attacker's account, which appears to be holding Solana-based tokens valued at $1.45 million at the time of writing. According to Solscan, most of this balance comprises SOL ($1.4 million) and SPL tokens ($44,000).
"Initial understanding is owner authority was overtaken by the attacker, but the authority has been halted on AMM & farm programs for now," said Raydium.
According to earlier information from crypto-intelligence provider Arkham, the Solana account has already drained several liquidity pools on Raydium. It advised taking money out of Raydium as soon as possible.
The investigation by on-chain sleuth ZachXBT revealed that about $2 million in funds have already been bridged to Ethereum, so that's only part of the story. When the US Treasury Department approved Tornado Cash as a crypto privacy mixer in August, those funds were swiftly deposited into it.
Nansen, which reported that the hacker withdrew $2.2 million in tokens from Raydium, including $1.6 million in SOL, confirmed ZachXBT's findings. There are still $35 million in funds on the DEX, according to DeFiLlama.
Solana, including its native asset and defi ecosystem, has not fared well during the crypto bear market. SOL has dropped significantly from the top ten cryptocurrency rankings because of the failure of FTX and Alameda Research, two companies that were strong advocates for the network. As of this writing, the token is only worth $12, down from $36 on November 5 before FTX's liquidity crisis.
While FTX was down, Serum, another Solana-based DEX, was forced to restart because its validator key was exposed. Openbooks, the new protocol, is meant to be community-driven. The fallout also led to a 75%+ decline in the value of Serum's SRM token since November 6th. At the time, the Solana Foundation had over $100 million in SRM on FTX, all of which have since been lost. The month prior had been disastrous for DeFi.
Ultimately, smart contract exploits resulted in losses of $657 million.
Disclaimer: Nothing on this site should be construed as a financial investment recommendation. It’s important to understand that investing is a high-risk activity. Investments expose money to potential loss.