<p><span style="font-weight: 400;"><em><strong>Update</strong>: In a latest <a href="https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e">post-mortem report</a>, the Raydium team noted that $4.4 million in crypto assets were taken during the exploit.</em></span></p> <p><span style="font-weight: 400;">Raydium, a decentralized exchange built on the Solana blockchain, was hacked. </span></p> <p><span style="font-weight: 400;">The attacker was able to able to withdraw liquidity pool (LP) tokens into their control. </span>Raydium <a href="https://twitter.com/RaydiumProtocol/status/1603762271028748289">acknowledged</a> the incident and said it believed that an attacker took control over the exchange's <a href="https://solscan.io/account/AgJddDJLt17nHyXDCpyGELxwsZZQPqfUsuwzoiqVGJwD#solTransfers">admin address</a>.</p> <p>In a post-mortem <a href="https://raydium.medium.com/detailed-post-mortem-and-next-steps-d6d6dd461c3e">report,</a> the team estimated that crypto assets worth $4.4 million were stolen during the incident. "The attacker compromised eight constant product liquidity pools on Raydium, totaling approximately ~4.4m USD in funds stolen," it wrote. </p> <p><span style="font-weight: 400;">Security firm Otter offered an analysis of the event and </span><a href="https://twitter.com/osec_io/status/1603763033901305862"><span style="font-weight: 400;">said</span></a><span style="font-weight: 400;"> a compromised private key may have been responsible for the exploit. </span></p> <p><span style="font-weight: 400;">Meanwhile, Raydium said it was still </span>investigating the matter to determine the nature and root cause of the compromise. It postulated the attacker may have targeted an internal server with "trojan" malware in order to compromise Raydium's underlying code. </p> <p>"Initial suspicions are that the attacker may have gained remote access to the virtual machine or internal server where the account was deployed. The exact intrusion vector has yet to be identified, but a trojan attack may be one possibility," the team said. Raydium is offering the hacker a 10% bounty in exchange for returning funds.</p> <p><span style="font-weight: 400;">Raydium still holds more than</span> <a href="https://defillama.com/protocol/raydium"><span style="font-weight: 400;">$30 million</span></a><span style="font-weight: 400;"> in crypto assets, according to data from DeFiLlama.</span></p> <p><em>The article was updated with the final estimate of the total value of assets stolen during the exploit.</em></p><br /><span class="copyright"><p>© 2023 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.</p> </span>