Raydium Confirmed Total Damage After Hack About $4,395 Million

Raydium experienced an attack caused by the private key leak of the fund pool owner accounts that resulted in approximately $4,395 million in losses. Now the patch has been applied and the platform is looking to recover the coins with a bonus of 10% of the total hack for miners.

As was updated in an earlier Coincu News article, Raydium, a decentralized exchange (DEX) based on the Solana blockchain, experienced an identified hack due to an attacker using the address the administrator of the exchange to perform the hack.

Today, Raydium released an update specific to the hack. In response to yesterday’s attack, Raydium tweeted that it is working with third-party audits and the Solana team to gather more information. So far, a patch has been released to prevent further attacks.

This attack has nothing to do with the privilege escalation of the program itself. The exploit appears to stem from a trojan attack and compromised private key for the pool owner account.

The attacker gained access to the pool owner account and was then able to invoke the withdrawal function, which is used to collect transaction/protocol fees earned on swaps in the pool.

Affected fund groups include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, RAY-SOL, stSOL-USDC, ZBC-USDC, UXP-USDC and whETH-USDC, with total losses of approximately $4,395 million.

Also, as an instant fix, the previous owner’s permissions were revoked and all accounts updated to the new hardware wallet account, so the attacker no longer has access and can no longer attack these groups.

In an attempt to fix the damage, the platform claims hackers will be offered 10% of the stolen funds as a white hat bug bounty.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Website: coincu.com

Foxy

Coincu News