On Friday, December 16, 2022, the decentralized exchange (DEX) platform Raydium, based on the Solana blockchain, suffered a malicious attack that resulted in the attacker gaining control of user funds totaling more than $2 million.
Raydium is a liquidity provider and Automated Market Maker (AMM) for the Serum Decentralized Exchange, built on the Solana blockchain. It aggregates liquidity from its own liquidity pools and Serum’s orderbook, allowing users to trade between different cryptocurrencies without the use of an intermediary. The attack was first reported in a tweet by Raydium, in which the platform acknowledged that an exploit had occurred and that the owner authority had been overtaken by the attacker.
In response to the attack, Raydium has halted authority on AMM and farm programs whilst the investigation takes place. At the time of the attack, Raydium had around $45 million locked in trading pools and had facilitated roughly $4 million in trades over the past 24 hours. It is unclear how much of this volume was affected by the malicious withdrawals.
The Raydium hack is the latest in a series of exploits and hacks that have plagued the decentralized finance (DeFi) space in recent months. Ethereum has been the go-to blockchain for many developers of decentralized applications, but the Raydium hack is a reminder that other blockchains such as Solana are increasingly becoming targets of malicious actors.
Despite the attack, Raydium remains one of the premier platforms in Solana’s DeFi ecosystem. It provides users with the ability to exchange their funds for Solana through beginner-friendly exchanges, allowing for a straightforward and secure way to conduct trades.
The Raydium hack is a reminder that security is paramount in the DeFi space, and that developers must remain vigilant in order to protect users from malicious actors.