As was updated in an earlier Coincu News article, Raydium, a decentralized exchange (DEX) based on the Solana blockchain, experienced an identified hack due to an attacker using the address the administrator of the exchange to perform the hack.
Today, Raydium released an update specific to the hack. In response to yesterday’s attack, Raydium tweeted that it is working with third-party audits and the Solana team to gather more information. So far, a patch has been released to prevent further attacks.
This attack has nothing to do with the privilege escalation of the program itself. The exploit appears to stem from a trojan attack and compromised private key for the pool owner account.
The attacker gained access to the pool owner account and was then able to invoke the withdrawal function, which is used to collect transaction/protocol fees earned on swaps in the pool.
Affected fund groups include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, RAY-SOL, stSOL-USDC, ZBC-USDC, UXP-USDC and whETH-USDC, with total losses of approximately $4,395 million.
Also, as an instant fix, the previous owner’s permissions were revoked and all accounts updated to the new hardware wallet account, so the attacker no longer has access and can no longer attack these groups.
In an attempt to fix the damage, the platform claims hackers will be offered 10% of the stolen funds as a white hat bug bounty.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Foxy
Coincu News
Discover how Toncoin's valuation, SUI's latest Google Cloud partnership, and BlockDAG's soaring presale frame the…
Free crypto airdrops are one of the ways to help users participate in the project…
The PancakeSwap Swap Bot supports trading on PancakeSwap’s v2, v3, and stableswap protocols on the…
From industry giants like Cardano and Solana to emerging players like Qubetics, it’s no wonder…
US jobless claims fell to 217,000 for the week ending November 9, the lowest since…
World Liberty Financial integrated Chainlink for secure, reliable on-chain data and cross-chain interoperability as it…
This website uses cookies.