Raydium's legacy AMM V3 exploited for $1.34M; losses covered by treasury, no active users affected.

Raydium, a major decentralized exchange on Solana, suffered a $1.34 million exploit targeting five deprecated liquidity pools from its legacy AMM V3 program. These pools were phased out in 2021 and had no active users or current interface exposure. The attack exploited a logic flaw allowing fraudulent liquidity provider minting to bypass security and withdraw assets including RAY, SOL, and USDC tokens. Raydium traced the attacker’s funds to KuCoin and Tornado Cash but assured compensation from its treasury and announced a full security review. Current pools and newer AMM versions remain secure, highlighting the risks of outdated smart contracts still holding assets on-chain.