Raydium DEX's AMM Program Exploited For $1.34 Million
10 Jun 2026 · 20:05 UTC · NewsBTC RSS Feed · Original source
Read original at NewsBTC RSS Feed →
Summary
Raydium, a decentralized exchange on the Solana blockchain, suffered a $1.34 million exploit affecting its retired AMM V3 program. The attacker drained approximately 150,000 RAY, 5,600 SOL, and 900,000 USDC from Raydium pools including RAY-SOL, USDC-RAY, and SRM-RAY pairs. The vulnerability stemmed from insufficient validation of LP mint addresses in the legacy AMM V3, enabling the attacker to create a fake mint and bypass intended proportion checks. The legacy AMM V3 program was phased out in 2021 and is no longer accessible through Raydium's current user interface. Raydium confirmed that current programs remain unaffected and stated the firm is conducting comprehensive security reviews of all mainnet programs. Security firm PeckShield traced the attacker's funds, which were initially funded via KuCoin and then bridged from Solana to Ethereum. According to PeckShield, 810 ETH were sent to Tornado Cash and 7 ETH moved to FixedFloat, indicating apparent laundering activity.
Why it matters
Security breaches trigger immediate reassessment of protocol safety, causing market participants to sell exposed tokens. This sentiment contagion spreads through the DeFi sector as investors reassess their security assumptions. Damaged protocols face liquidity withdrawal risks as users exit to avoid further exposure. Containment factors mitigate panic: The incident is bounded to legacy AMM V3 code (phased out 2021, not current systems). Raydium's transparent communication stating current programs are unaffected, combined with ongoing security audits by core contributors, demonstrates institutional oversight. Third-party analysis from PeckShield showing active fund tracing adds credibility. Key assumptions: The vulnerability is truly contained to legacy code; no systemic issues exist in current systems; market participants trust Raydium's reassurances; no additional exploits are immediately discovered; no cascading failures occur in dependent protocols. Uncertainties include: Disclosed vulnerability details enabling copycat attacks on similar patterns; hidden vulnerabilities surfacing during audits; unexpected liquidity flight triggered by uncertainty; regulatory scrutiny of Solana ecosystem increasing; audit completion timeline remaining unpredictable. ALT tokens (especially RAY, SOL) face higher directional pressure than BTC, which exhibits macro flight-to-safety dynamics.
Expected impact
The Raydium exploit represents a moderate security incident affecting the Solana DeFi ecosystem. While the affected AMM V3 program was retired in 2021 and no longer accessible through Raydium's interface, the incident may create near-term uncertainty about protocol security. Short-term (minutes to hours): Sharp selloff likely in RAY token as investors react to protocol breach and $1.34M fund drainage. SOL experiences moderate downward pressure due to ecosystem confidence concerns. Broader altcoins see risk-off selling as investors reassess DeFi security assumptions. BTC may see mild support from flight-to-safety, though direct impact is minimal. Medium-term (daily to weekly): RAY token faces continued pressure from negative sentiment and protocol reliability concerns. SOL sentiment could stabilize as Raydium clarifies that current programs are unaffected and audits are underway. DeFi tokens generally experience pressure as investors weigh security risks. Potential for selective buying if market perceives the incident as isolated and containable. Longer-term (monthly): Recovery depends heavily on audit results and remediation effectiveness. RAY reputation is damaged but recoverable if security reviews confirm current programs are robust. SOL ecosystem may strengthen as a wake-up call for enhanced security protocols. BTC likely unaffected unless incident cascades systemically.