The decentralized exchange Raydium reported an attack on the liquidity pool of its outdated Legacy AMM V3 program, resulting in the theft of $1.34 million in assets.
Raydium is aware of an exploit involving unauthorized removal of liquidity from its legacy AMM V3 program which was previously phased out in 2021.
No current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since…
— Infra | Raydium (@0xINFRA) June 10, 2026
According to the developers, the main users of the platform were not impacted. Access to the pools through the exchange interface was closed after the AMM V3 was retired in 2021.
The attacker stole approximately 150,000 RAY, 5,600 SOL, and nearly 900,000 USDC. The exploit affected the Sollet USDT-RAY, Sollet ETH-RAY, RAY-SOL, USDC-RAY, and SRM-RAY pools.
Project representatives attributed the vulnerability to insufficient validation of liquidity token issuance, which allowed the attacker to bypass ratio checks. Raydium stated that active pools were unaffected but are undergoing separate security audits.
“The attacker was able to create new tokens and use them as LP tokens, bypassing the intended ratio checks. All other programs on the main Raydium network use a virtual supply mechanism for validation [...], preventing this class of vulnerabilities,” the team clarified.
The team promised to compensate affected users from the treasury.
As reported by analysts at PeckShieldAlert, the hacker has already begun laundering the funds. They transferred the stolen assets from the Solana network to Ethereum and then sent them to crypto mixers.
Source: X/PeckShieldAlert.It’s worth noting that on June 8, unknown individuals compromised wallets associated with the Humanity Protocol project, causing an estimated loss of around $31 million.