Solana-based decentralized exchange platform Raydium confirmed in a tweet on Friday that it had been the victim of an exploit.
At press time, around $2 million worth of different cryptocurrencies was sitting in the account of an attacker that managed to maliciously withdraw user funds from Raydium exchange pools.
“Initial understanding is owner authority was overtaken by attacker, but authority has been halted on AMM & farm programs for now,” Raydium wrote in its tweet, referring to automated market makers.
Raydium, which allows users to trade between different cryptocurrencies without the use of an intermediary, is one of the premier platforms in Solana’s beleaguered decentralized finance (DeFi) ecosystem. According to its own numbers, Raydium has around $45 million locked in trading pools and facilitated around $4 million in trades in the past 24 hours. It is unclear whether that $4 million includes the improper withdrawals from the attacker.
CORRECTION (Dec. 16, 3:35 UTC): Fixed the headline to show the scale of the exploit was seven figures, not larger.
CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk offers all employees above a certain salary threshold, including journalists, stock options in the Bullish group as part of their compensation.