- Raydium Protocol, an AMM on Solana’s network, was hacked.
- The hacker gained owner authority and accessed massive amounts of funds through the protocol’s liquidity pools.
Radiyum Protocol, an order book AMM (Automated market Maker) on the Solana [SOL] network, was hacked on 16 December. Reportedly, the hacker extracted funds from various Raydium liquidity pools without owning or burning any LP tokens.
An exploit on Raydium is being investigated that affected liquidity pools. Details to follow as more is known
⁰Initial understanding is owner authority was overtaken by attacker, but authority has been halted on AMM & farm programs for now
Attacker accnthttps://t.co/ZnEgL1KSwz— Raydium (@RaydiumProtocol) December 16, 2022
Read Solana’s [SOL] Price Prediction 2023-24
How did the hacker go about it?
Through the help of multiple organizations, the team at Radium Protocol figured out how the attack took place. Allegedly, the hacker took owner authority, through which he could access these funds.
1/ Initial Post-Mortem: Raydium is working w 3rd-party auditors and teams across Solana to gather additional info. As of now, a patch is in place preventing further exploits from the attacker.
The following includes info up to now. Big thanks to all teams providing support https://t.co/yKRdA6BAqv
— Raydium (@RaydiumProtocol) December 16, 2022
The attack stemmed from a Trojan attack that was sent to the pool’s owner account along with a compromised private key. After getting access to the owner’s account, the hacker called a function that collected trading and protocol fees.
There was a comprehensive list of pools that the hacker exploited. Some of these pools included SOL-USDC, SOL-USDT, and RAY-USDC. The overall amount of funds that the hacker left was around $4.3 million.
5/ Pools affected:
SOL-USDC
SOL-USDT
RAY-USDC
RAY-USDT
RAY-SOL
stSOL-USDC
ZBC-USDC
UXP-USDC
whETH-USDCApprox total funds exploited by attacker
RAY 1,879,638
stSOL 3,214
whETH 39.3
USDC 1,094,613
SOL120,512
UXP 21,068,507
ZBC9,758,647
USDT110,427Total USD: ~4,395,237
— Raydium (@RaydiumProtocol) December 16, 2022
The stolen assets included SOL, staked SOL, and USDC, among others.
Next steps for Solana
Raydium Protocol’s immediate response was to revoke the account’s owner authority. To incentivize the attacker to return the funds, the developers have kept 10% of the stolen amount as a bounty. If the hackers were to return the funds, they would receive the reward in their account.
7/ If the attacker returns the funds, 10% of the total amount will be offered and considered as a white-hat bug bounty. The attacker is encouraged to reach out through normal channels or via the below address
0x6d3078ED15461E989fbf44aE32AaF3D3Cfdc4a90
— Raydium (@RaydiumProtocol) December 16, 2022
Looking at SOL
With multiple downtimes, FTX exposure, and now, hackers attacking protocols on its ecosystem, Solana could not catch a break in 2022.
Its TVL was massively affected due to these events. According to DeFiLlama, Solana’s TVL decreased from 1.37 billion to $259.74 million in the past four months.
If things continued to move in this direction, it would be extremely difficult for Solana to recover from this crypto winter.
However, there were a few things that Solana users could be grateful for in these turbulent times.
According to data from SOLSCAN, the fees generated by the Solana network increased over the last seven days. Along with that, the TPS for Solana rose as well.
It remains to be seen when Solana’s bad spell will end. SOL, however, was trading at $12.31 at the time of writing. Subsequently, its price fell by 11.95% in the last 24 hours until press time, according to CoinMarketCap.
Source: https://ambcrypto.com/solana-woes-continue-as-one-of-its-amm-protocols-gets-hacked/