On December 16, 2022, a malicious actor used the Pool Owner account to start an exploit on the authoritative account of the Raydium Liquidity Pool V4. OtterSec, a blockchain audit company, also published a description of the attack.
The aforementioned Pool Owner account was first set up on a virtual machine with a separate internal server. Additional investigation has revealed that there is currently no proof that the Pool Owner account’s private key has ever been passed, shared, moved, or kept locally outside of the virtual machine where it was first installed.
According to the Raydium team, an attacker can gain control of a remote server leading to a trojan attack is possible.
“Initial suspicions are that the attacker may have gained remote access to the virtual machine or internal server where the account was deployed. The exact intrusion vector has yet to be identified, but a trojan attack may be one possibility.”
The Raydium exploiter account appears to be involved in additional illicit conduct on Solana, according to a preliminary examination. A tweet from cloudzy.sol on November 7 detailing a wallet to exploit totaling 198 SOL that ultimately ended up in the same account that paid the principal Raydium exploiter wallet as described in the initial post-mortem tweet is one indicator of this.
Eight continuous product liquidity pools on Raydium were compromised, and a total of about $4.4 million in funds were taken. The exploit did not impact RAY staking programs or concentrated liquidity pools. The exploit had no impact on any other pool or funds on Raydium.
In order to effectively assess the impact of the exploit on the pools for user LP balances and track attacker wallets, Raydium is simultaneously pursuing possibilities for the repatriation of cash.
The team acknowledged that the monies in question are causing anxiety for all parties but added that more time was needed to gather data and information in order to evaluate all possible future courses of action. As more information becomes available, it will be announced.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Harold
Coincu News
ETFSwap (ETFS) utility token receives honorable mention as popular crypto analyst reveals top 10 high…
As Bitcoin’s founder mystery remains unsolved, Bitcoin’s popularity and adoption are increasing by the day.
London, United Kingdom, May 6th, 2024, ChainwireGBM Auction (https://gbm.auction), the Bid-to-Earn Auction company, is thrilled…
ColleAI is an innovative multi-chain AI NFT platform that aims to revolutionize how we create…
BioMatrix, an L1 blockchain wealth distribution platform aimed at providing a globally accessible UBI to…
Explore the latest crypto trends, Ethereum's status, Bitcoin ETFs, and crypto market dynamics. Learn about…
This website uses cookies.