⚠️ Raydium Exploit Drains $1.34M From a Legacy Program Retired Nearly 5 Years AgoA hacker has exploited Raydium's legacy AMM V3 program, which has been inactive since 2021, draining approximately $1.34 million from several dormant liquidity pools.

🔸 The stolen assets included 150,177 RAY, 5,603 SOL, and 893,700 USDC across five legacy pools.
🔸 According to the post-mortem, the vulnerability stemmed from insufficient LP token validation. The AMM V3 program verified the amount of LP tokens presented during withdrawals but failed to properly verify their origin.
🔸 The attacker was able to create counterfeit LP tokens, use them as valid withdrawal credentials, and drain funds that had remained locked in inactive pools since the collapse of Serum.
🔸 Raydium emphasized that the exploit was isolated to the deprecated AMM V3 codebase and was not caused by compromised private keys, governance access, or infrastructure.
🔸 Current Raydium programs are not affected, as they include full LP token origin verification. No active users suffered losses.
🔸 The Raydium treasury will fully reimburse affected funds, and the team has launched a comprehensive security review of all remaining legacy programs.
‍#Daily $BTC $RAY