thecoinrepublic.com
On Dec. 16, 2022 Raydium (RAY), the Solana (SOL) based DeFi Exchange (DEX) investigated that the exploit had affected liquidity pools. As a hacker exploited RAY for more than $4.3 Million in crypto.
An exploit on Raydium is being investigated that affected liquidity pools. Details to follow as more is known
— Raydium (@RaydiumProtocol) December 16, 2022
⁰Initial understanding is owner authority was overtaken by attacker, but authority has been halted on AMM & farm programs for now
Attacker accnthttps://t.co/ZnEgL1KSwz
In its initial Post-Mortem, the next day, Raydium said it was working with third-party auditors and teams across the smart contract platform, Solana to gather additional information about the hack. Additionally, they have put a patch in place to prevent further exploits from the attacker.
1/ Initial Post-Mortem: Raydium is working w 3rd-party auditors and teams across Solana to gather additional info. As of now, a patch is in place preventing further exploits from the attacker.
— Raydium (@RaydiumProtocol) December 16, 2022
The following includes info up to now. Big thanks to all teams providing support https://t.co/yKRdA6BAqv
The DEX noted that “As an immediate solution, previous owner authority has been revoked and all program accounts have been updated to new hard wallet accounts. As such, the attacker no longer has access authority and is no longer able to exploit the pools.”
While, in case “the attacker returns the funds, 10% of the total amount will be offered and considered as a white-hat bug bounty,” the DEX added.
7/ If the attacker returns the funds, 10% of the total amount will be offered and considered as a white-hat bug bounty. The attacker is encouraged to reach out through normal channels or via the below address
— Raydium (@RaydiumProtocol) December 16, 2022
0x6d3078ED15461E989fbf44aE32AaF3D3Cfdc4a90
However, the hacker was able to siphon around $4.3 Million worth of stablecoins and other crypto assets from five different pools, Raydium quoted.
On Dec. 18, 2022, Raydium gave the exploit update through a full Medium post with further details, solutions implemented, and their next steps.
Exploit update: Full medium post below w further details, solutions implemented, and next steps.
— Raydium (@RaydiumProtocol) December 17, 2022
Raydium greatly appreciates the support & help received from teams, the community, and security experts across Solana up until now. More to come.https://t.co/DvwQ6gZ1nN
In its Medium post, Raydium mentioned that the exploit happened in two parts. The attacker used “the withdrawPNL instruction function to withdraw funds (designated as fees) from the pool vault. After withdrawPNL is initiated, the need_take_pc and need_take_coin calculation automatically resets to zero.”
Then, “The attacker used the SetParams instruction in conjunction with AmmParams::SyncNeedTake to inflate the balances for need_take_pc and need_take_coin without trading volume needing to occur, allowing the attacker to alter and increase the expected fees and then withdraw the funds (designated as fees) from the pool vault via withdrawPNL, repeatedly,” as mentioned in the post.
RAY Price Analysis in One Week
The current price of Raydium (RAY) is $0.159 USD with a 24-hour trading volume of $7.44 Million USD. However, RAY is up 2.53% in the last 24 hours, with a live market cap of $26.61 Million USD.
In one week the price of RAY dropped from $0.191 to its current price by almost 16%. Its market cap also noted the decline from around $31 Million to just $26 Million.