Raydium lost $1.34 million after a hacker exploited a retired AMM V3 program on Solana. The attack drained five inactive liquidity pools through an LP mint validation flaw. Raydium said current users and active programs were unaffected, while its treasury will cover the full loss.
Raydium confirmed that a hacker drained $1.34 million from five inactive Solana liquidity pools on June 10, 2026. The exploit affected the protocol’s retired AMM V3 program, which had been phased out in 2021 and was no longer available through Raydium’s user interface or SDK.
The affected pools included RAY-SOL, USDC-RAY, SRM-RAY, Sollet USDT-RAY, and Sollet ETH-RAY. Raydium said current users, active pools, and present mainnet programs were not affected. The team also confirmed that its treasury will cover the full loss.
Five Inactive Raydium Pools Lose $1.34M
The Raydium exploit targeted old Solana liquidity pools tied to the legacy AMM V3 program. The attacker drained about $900,000 in USDC, $357,000 in SOL, and $86,000 in RAY tokens from the inactive pools.
Raydium had removed these pools from its main platform years earlier. However, the smart contracts remained on-chain and held funds. That allowed the attacker to interact directly with the old program, even though normal users could not access the pools through Raydium’s interface.
Security tracking showed that the stolen assets moved from Solana to Ethereum after the attack. The attacker later deposited about 810 ETH into Tornado Cash. Another seven ETH moved to FixedFloat, while the original wallet had received funding through KuCoin.
LP Mint Flaw Allowed the Withdrawal
Raydium core contributor Infra said the exploit came from an LP mint validation flaw in the retired AMM V3 code. The old program did not properly verify the LP token address linked to pool ownership.
As a result, the attacker used a fake LP token mint to pass checks inside the contract. The program then treated the false token as a valid claim on the pool assets. That allowed the attacker to withdraw real tokens from the affected pools.
Infra said the breach did not involve a private key compromise or an authority-level failure. The contributor also said Raydium’s current mainnet programs use different validation checks.
“No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation,” Infra said on June 10.
Raydium Says Current Programs Are Safe
Raydium said the issue was limited to the retired AMM V3 program. The protocol phased out that version in 2021 after changes linked to Serum’s order book structure.
Meanwhile, the team said no active Raydium program carries the same flaw. Core contributors have started a review of current mainnet programs to confirm that no similar validation weakness exists in live code.
The case also shows that retired blockchain programs can still be called when they remain active on-chain. A program may disappear from a website or app, but it can still process transactions unless the team freezes, closes, or migrates it.
Treasury Will Cover the Full Loss
Raydium confirmed that its treasury will cover the full $1.34 million loss. The protocol said active users did not hold funds in the affected pools, as those pools had been removed from the main interface for years. “Full compensation will be handled by Raydium’s treasury,” the team said on June 10.
RAY traded near $0.58 on June 11, 2026, after the exploit incident. Its market value stood near $156 million at the time. The token was still down on the week, while the exploit stayed limited to old pools outside Raydium’s current product flow.
Disclaimer : Crypto News India does not recommend that any cryptocurrency should be bought, sold, or held by you. Do conduct your own due diligence and consult your financial advisor before making any investment decisions.
