Solana-based exchange Raydium suffers $4.4 million exploit

Update: In a latest post-mortem report, the Raydium team noted that $4.4 million in crypto assets were taken during the exploit.

Raydium, a decentralized exchange built on the Solana blockchain, was hacked.

The attacker was able to able to withdraw liquidity pool (LP) tokens into their control. Raydium acknowledged the incident and said it believed that an attacker took control over the exchange's admin address.

In a post-mortem report, the team estimated that crypto assets worth $4.4 million were stolen during the incident. "The attacker compromised eight constant product liquidity pools on Raydium, totaling approximately ~4.4m USD in funds stolen," it wrote. 

Security firm Otter offered an analysis of the event and said a compromised private key may have been responsible for the exploit.

Meanwhile, Raydium said it was still investigating the matter to determine the nature and root cause of the compromise. It postulated the attacker may have targeted an internal server with "trojan" malware in order to compromise Raydium's underlying code. 

"Initial suspicions are that the attacker may have gained remote access to the virtual machine or internal server where the account was deployed. The exact intrusion vector has yet to be identified, but a trojan attack may be one possibility," the team said. Raydium is offering the hacker a 10% bounty in exchange for returning funds.

Raydium still holds more than $30 million in crypto assets, according to data from DeFiLlama.

The article was updated with the final estimate of the total value of assets stolen during the exploit.