金色财经|Jun 11, 2026 06:08
Raydium confirms that the old version of AMM V3 has been attacked, with approximately $1.34 million in assets stolen and will be fully compensated
According to a report by Golden Finance, on June 11th, InfraRAY, a core contributor to Raydium, stated in a post that the team has confirmed that the old version AMM V3 program, which was discontinued in 2021, has been attacked. The attacker removed some liquidity without authorization, but this incident does not affect current Raydium users, and the related fund pool has been unable to interact through the Raydium official UI since its discontinuation. The Raydium SDK and DApp also do not support the operation of the mainnet old version AMM V3 fund pool.
The 5 fund pools affected this time include: Sollet USDT-RAY, Sollet ETH-RAY, SRM-RAY, USDC-RAY, and RAE-SOL. Preliminary statistics show that the stolen assets include approximately 150177 RAY, 5603 SOL, and 893700 USDC, with a total value of approximately 1.34 million US dollars. The related losses will be fully compensated by Caiku.
The investigation shows that the vulnerability is due to insufficient verification of LP token casting addresses. The attacker bypassed the protocol's proportional verification mechanism by creating new LP tokens and impersonating legitimate LP tokens, thereby extracting funds. However, this incident is an independent logic vulnerability, not caused by private key leakage or permission intrusion, and there is no risk of diffusion. At present, all current Raydium mainnet programs have not been affected.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink