Solana Exchange Raydium Hit With $1.34 Million Exploit as DeFi Attacks Grow

by admin

In brief

  • Solana DEX Raydium was hit with a $1.3 million exploit on Wednesday.
  • The exploit affected five deprecated liquidity pools from an older version of its automated market maker program.
  • The incident joins a growing list of DeFi exploits and the discovery of major vulnerabilities, some fueled with AI tools.

Five deprecated liquidity pools from Solana-based decentralized exchange Raydium were exploited on Wednesday, leading to more than $1.34 million in stolen funds. 

The exploit impacted the firm’s legacy automated market maker program and led to the loss of Solana (SOL), as well as dollar-backed stablecoin USDC and the exchange’s native token, RAY. 

“No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation,” posted pseudonymous Raydium contributor 0xInfra on X.

The exploiter, who has a Solana address ending in “Bq33QVk,” was able to bypass validation logic in the deprecated program and mint new liquidity provider tokens. In total, the attacker made off with nearly $900,000 in USDC, approximately $357,000 in SOL, and $86,000 worth of RAY. The stolen funds will be repaid using the firm’s treasury.

The firm’s existing mainnet programs prevent this type of vulnerability, according to 0xInfra, who highlighted that this was not due to “a key compromise or authority-level issue.”

The exploit extends a growing list of vulnerabilities recently discovered in crypto networks and decentralized finance (DeFi) protocols.

In April, KelpDAO and Solana-based Drift Protocol each suffered exploits that affected just shy of $300 million in funds.

Last week, privacy network Zcash saw its native token crash more than 40% in 24 hours after developers disclosed that a security researcher used a frontier AI model to discover a four-year-old vulnerability that affected one of its privacy pools.

Although there is no evidence yet that AI was used in the Raydium exploit, analysts told Decrypt in May that AI is transforming exploit discovery by “automating what skilled auditors do.” 

Furthermore, the exploit took place just one day after private AI firm Anthropic released an upgraded version of Mythos, its cybersecurity-focused model that it claims has “unprecedented cybersecurity capabilities.” Anthropic also released a neutered, publicly available version called Claude Fable 5, which has drawn criticism for how much it has been hobbled.

Amid the incident, Raydium’s native token is down around 2% in the last 24 hours, recently changing hands at $0.567. The token has fallen around 13% in the last week of trading amid a broader market rout, and is now 96.6% off its all-time high of $16.83.
