Key Points
- Hackers successfully extracted approximately $1.34 million from five dormant liquidity pools on Raydium’s Solana-based platform
- The breach compromised assets totaling roughly 150,000 RAY tokens, 5,600 SOL, and 893,700 USDC
- Attackers leveraged vulnerabilities in an outdated AMM system discontinued in 2021, leaving active pools untouched
- Raydium’s treasury committed to complete reimbursement for all impacted participants
- Security firm PeckShield identified approximately 810 ETH moving through Tornado Cash following the attack
On June 10, Raydium—a Solana-based decentralized trading platform—disclosed that malicious actors had successfully exploited obsolete components of its infrastructure, resulting in the theft of roughly $1.34 million worth of digital assets.
The compromised liquidity pools had been disconnected from Raydium’s user-facing platform since 2021, when the exchange transitioned away from its AMM V3 system. According to Raydium’s statement, neither current platform users nor actively maintained pools experienced any impact.
Technical Breakdown of the Security Breach
Blockchain security researcher Specter identified that the perpetrators exploited a counterfeit mint address to circumvent security validation mechanisms within the inactive pool infrastructure. The fundamental vulnerability stemmed from inadequate verification of LP mint addresses, enabling attackers to manipulate proportion verification systems.
The stolen inventory consisted of approximately 150,177 RAY tokens, 5,603 SOL, and 893,700 USDC. According to Specter’s analysis, the attacker’s operation was initially funded through KuCoin before the digital assets were transferred to the Ethereum network.
Cybersecurity company PeckShield monitored the movement of stolen assets following their migration to Ethereum’s blockchain. Tracking revealed that roughly 810 ETH was funneled into Tornado Cash, while an additional seven ETH moved through FixedFloat.
Following the U.S. Treasury Department’s removal of Tornado Cash from its sanctions list in March 2025, the privacy mixer’s use remains legal but continues to present challenges for fund recovery efforts.
Complete User Compensation Guaranteed by Protocol
Raydium publicly announced that its treasury reserves would fully compensate all financial losses stemming from this security incident. While the protocol emphasized that no active platform participants were affected, certain users maintained positions in the legacy pool infrastructure.
This represents Raydium’s second major compensation initiative. Following a December 2022 administrative key compromise that affected operational pools, community governance authorized the deployment of buyback revenues and locked team token allocations to reimburse liquidity providers.
The development team clarified that its current production programs remain uncompromised and are currently undergoing additional independent security assessments.
Market sentiment showed minimal disruption. Raydium’s token traded around $0.57, experiencing less than a 1% decline during the 24-hour period after the disclosure. Solana experienced a modest decrease of nearly 2%, settling near $63.88 throughout the same timeframe.
The RAY token demonstrated resilience, actually gaining more than 2% on the day the exploit became public knowledge.
Raydium emphasized that its software development kit and decentralized application infrastructure do not permit interactions with the retired AMM V3 pool system on the mainnet, reinforcing that the vulnerability was strictly limited to discontinued code.
Ongoing investigations by PeckShield and Specter continue tracking the misappropriated assets. Current evidence confirms the exploit remained isolated to deprecated infrastructure without penetrating Raydium’s operational trading ecosystem.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
