The exploit did not have any effect on any of the other pools or funds available on Raydium.

Different assets were moved by the attacker from impacted pools while the vulnerability was being used. The exploit has no effect on concentrated liquidity pools or RAY staking programs because of how they were designed. The attacker gained access to eight continuous product liquidity pools on Raydium and stole a combined amount of about $4.4 million worth of funds. These stolen funds eventually made their way into the same account that was used to fund the primary Raydium exploiter wallet. An indication of this can be found in a tweet that was posted by cloudzy.sol on November 7 and describes a wallet exploit that resulted in 198 SOL being stolen. The Raydium exploiter account appears to be involved in additional illegal conduct on Solana, according to an initial investigation into the matter. However, one hypothesis is that it was a trojan attack. It has not yet been determined which specific vector of intrusion was used. At first glance, it appears as though the attacker may have obtained remote access to either the virtual machine or the internal server where the account was deployed. After conducting further research, it has been determined that there is no evidence to suggest that the private key associated with the Pool Owner account has ever been distributed, shared, transferred, or kept locally anywhere other than the virtual machine on which it was initially placed.

An investigation into the company's internal security is currently underway in order to ascertain the nature of the account breach as well as the underlying reason for it. Initially, the Pool Owner account was deployed on a virtual machine with a specialized internal server. Big thanks to all teams providing support

Background of the Exploit and Latest Details

As of now, a patch is in place preventing further exploits from the attacker. The following includes info up to now.
The purpose of this detailed post-mortem is to make an attempt to provide an in-depth overview of how the exploit was carried out, how the problem was mitigated, and the next measures that will be taken.

1/ Initial Post-Mortem: Raydium is working w 3rd-party auditors and teams across Solana to gather additional info.

OtterSec has published its initial overview of the attack's scope.

Following up on the recent vulnerability in the Raydium Liquidity Pool, Raydium has just issued a comprehensive update. After successfully acquiring access to the Pool Owner (Admin) account on December 16, 2022, at 12:12 UTC, a malicious actor started an exploit on the authority account of the Raydium Liquidity Pool V4 at the same time.