
Here’s a sharper, more concise rewrite with a clean news tone:
Raydium, a decentralized exchange on Solana, suffered a $1.34 million exploit on June 10, 2026, after an attacker targeted five deprecated liquidity pools tied to its legacy AMM V3 program. The vulnerability—an overlooked smart contract flaw—had remained live on-chain for nearly five years.
The attacker, operating from a wallet ending in “Bq33QVk,” extracted around $900,000 in USDC, $357,000 in SOL, and $86,000 in RAY tokens.
Following the exploit, the funds were bridged from Solana to Ethereum and funneled through Tornado Cash, a widely used privacy protocol that makes tracing and recovery extremely difficult.
Fake LP Tokens Exploited a Validation Gap
The breach stemmed from a failure to properly validate liquidity provider (LP) tokens in the legacy AMM V3 contracts. In standard AMM systems, LP tokens must match the correct mint when users withdraw funds.
In this case, that verification step was missing. The attacker created a fake SPL token mint, issued a single counterfeit LP token, and used it to withdraw real assets from the pools.
This process was repeated across five outdated pools—Sollet USDT–RAY, Sollet ETH–RAY, SRM–RAY, USDC–RAY, and RAY–SOL—resulting in losses totaling about 150,177 RAY, 5,603 SOL, and 893,700 USDC.
A Raydium contributor known as 0xInfra confirmed the issue was a “self-contained logic flaw,” adding that no private keys were compromised and that current versions of the protocol are unaffected.
Unlike Raydium’s December 2022 hack, which involved stolen keys and led to a $4.4 million loss, this incident was caused by outdated code that remained accessible despite being deprecated.
Cross-Chain Exit Obscures Fund Trail
On-chain analysts tracked the exploit as the attacker consolidated assets and moved them off Solana. The funds were bridged to Ethereum, routed through platforms such as KuCoin and FixedFloat, and eventually deposited into Tornado Cash.
This cross-chain laundering pattern is common in DeFi exploits, designed to break transaction traceability. Investigators noted the attacker avoided selling assets on Solana altogether. Once inside Tornado Cash, tracking becomes significantly more difficult, and no funds have been frozen so far.
No Impact on Active Users
Raydium confirmed that no active users or current liquidity pools were affected. The exploited pools had already been deprecated and were not accessible through the platform’s interface.
The protocol stated it will fully reimburse the stolen funds using its treasury. It is also retiring the legacy AMM V3 program IDs and conducting a comprehensive audit of both active and legacy code. No timeline for reimbursement has been announced.
Market Reaction
RAY rose about 2% in the 24 hours following the incident, trading near $0.578. However, the token remains down 7% over the past week and is still roughly 96.6% below its all-time high of $16.83, reflecting broader weakness in the Solana ecosystem.
Let me know if you want an ultra-short version or headline-style summary.





