As was updated in an earlier Coincu News article, Raydium, a decentralized exchange (DEX) based on the Solana blockchain, experienced an identified hack due to an attacker using the address the administrator of the exchange to perform the hack.
Today, Raydium released an update specific to the hack. In response to yesterday’s attack, Raydium tweeted that it is working with third-party audits and the Solana team to gather more information. So far, a patch has been released to prevent further attacks.
This attack has nothing to do with the privilege escalation of the program itself. The exploit appears to stem from a trojan attack and compromised private key for the pool owner account.
The attacker gained access to the pool owner account and was then able to invoke the withdrawal function, which is used to collect transaction/protocol fees earned on swaps in the pool.
Affected fund groups include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, RAY-SOL, stSOL-USDC, ZBC-USDC, UXP-USDC and whETH-USDC, with total losses of approximately $4,395 million.
Also, as an instant fix, the previous owner’s permissions were revoked and all accounts updated to the new hardware wallet account, so the attacker no longer has access and can no longer attack these groups.
In an attempt to fix the damage, the platform claims hackers will be offered 10% of the stolen funds as a white hat bug bounty.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Foxy
Coincu News
According to Bloomberg, April is reportedly the worst month for Bitcoin since FTX's fall, declining…
According to CoinDesk, Binance founder CZ sentenced to four months in prison for violating anti-money…
Roger Ver arrested in Spain for tax evasion. Accused of causing a $48 million loss…
Crypto market liquidation reaches over $300M in the last 24 hours. Ethereum and Bitcoin saw…
Binance's Changpeng Zhao sentencing guidelines are being considered for money laundering violations, with the judge…
Allegations have surfaced against SEC Chair Gary Gensler, accusing him of misleading Congress about the…
This website uses cookies.