Hacker Steals 5,600 SOL and 900,000 USDC From Legacy Raydium Pools

The project team said all affected users will be fully reimbursed from the protocol’s treasury.

Hacker drains $1.34 million from legacy Raydium liquidity pools

11.06.2026 - 10:20

2 min

Key points:

Decentralized exchange Raydium lost approximately $1.34 million after an attacker exploited a vulnerability in its legacy AMM V3 protocol, which was retired in 2021.
The attacker drained roughly 150,000 RAY, 5,600 SOL, and 900,000 USDC from several inactive liquidity pools that were not connected to the platform’s current infrastructure.

Solana-based decentralized exchange Raydium has disclosed an exploit involving its deprecated AMM V3 automated market maker. The attacker drained approximately $1.34 million in assets from several inactive liquidity pools.

Source: X.com

According to preliminary estimates, the affected pools included RAY-SOL, USDC-RAY, and SRM-RAY. The attacker withdrew approximately 150,000 RAY, 5,600 SOL, and nearly 900,000 USDC.

The project team said all user losses will be fully covered by the protocol treasury.

Current Raydium Infrastructure Was Not Affected

Raydium emphasized that the vulnerability was limited to the AMM V3 program, which was decommissioned in 2021. Since then, it has not been accessible through Raydium’s official interface and has not been supported by the platform’s core services.

According to the development team, the issue stemmed from insufficient validation of LP tokens. This allowed the attacker to bypass intended safeguards and gain access to funds held in the legacy liquidity pools.

Raydium stated that its active programs on the Solana mainnet were not affected by the incident. The protocol’s current infrastructure is also undergoing an additional security review.

Despite the exploit, market reaction was muted. Raydium’s native token RAY remained largely unaffected and actually gained more than 2% over the past 24 hours.

Author: