Here’s a clear, structured paraphrase with a smooth narrative flow:
Raydium, a decentralized exchange built on Solana, lost $1.34 million on June 10, 2026, after an attacker exploited five outdated liquidity pools tied to its legacy AMM V3 program. The vulnerability, which had remained on-chain for nearly five years, was rooted in an overlooked smart contract flaw.
The attacker—identified by a Solana wallet ending in “Bq33QVk”—stole roughly $900,000 in USDC, $357,000 in SOL, and $86,000 in RAY tokens.
After draining the funds, the attacker transferred them from Solana to Ethereum using a cross-chain bridge. The assets were then funneled through Tornado Cash, a privacy protocol commonly used to obscure transaction trails, significantly reducing the likelihood of recovery.
The Vulnerability: Fake LP Tokens Used to Drain Funds
The exploit stemmed from a flaw in Raydium’s legacy AMM V3 smart contract, specifically a failure to properly validate liquidity provider (LP) tokens. In typical automated market makers, LP tokens represent a user’s share in a pool and must match the correct mint when funds are withdrawn.
In this case, the contract did not verify the authenticity of LP tokens. The attacker created a counterfeit SPL token mint unrelated to any legitimate pool, minted a single fake LP token, and used it to trigger withdrawals.
This process was repeated across five deprecated pools—Sollet USDT–RAY, Sollet ETH–RAY, SRM–RAY, USDC–RAY, and RAY–SOL—resulting in the theft of approximately 150,177 RAY, 5,603 SOL, and 893,700 USDC.
Raydium contributor 0xInfra later clarified that the issue was due to a “self-contained logic flaw,” confirming that no private keys were compromised and that the exploit does not affect current versions of the protocol.
Unlike the December 2022 Raydium breach—which involved a $4.4 million loss due to stolen private keys—this incident was caused by legacy code that remained active on-chain with funds still locked inside.
Cross-Chain Laundering: Funds Moved to Ethereum
Blockchain analysts observed the attack in real time as the attacker consolidated funds from the affected pools before bridging them to Ethereum.
From there, the assets were routed through platforms like KuCoin and FixedFloat before ultimately being deposited into Tornado Cash. This sequence is a common laundering method in DeFi exploits, designed to break transaction traceability.
Investigators confirmed that the attacker avoided selling assets on Solana-based platforms, opting instead for a full cross-chain exit. Once inside Tornado Cash, tracking the funds becomes extremely difficult, and no assets have been frozen or flagged by exchanges so far.
No User Impact, Raydium to Cover Losses
Raydium confirmed that no active users or current liquidity pools were affected. The compromised pools had already been deprecated, meaning they were not accessible through the platform’s interface or normal user interactions.
To address the incident, Raydium stated it will fully reimburse the stolen funds using its treasury. The team is also retiring the legacy AMM V3 program IDs and conducting a full security audit of both current and legacy code.
A timeline for reimbursements has not yet been provided.
Market Reaction
Following the exploit, the RAY token rose about 2% over 24 hours to trade at $0.578. However, it remains down 7% over the past week amid broader weakness in the Solana ecosystem and is still approximately 96.6% below its all-time high of $16.83.
If you want, I can shorten this into a quick 150-word news brief or make it more SEO-focused.

































