Raydium: The attack or loss due to private key leakage resulted in a total loss of approximately $4.395 million

2022-12-17 10:12:06

Collection

ChainCatcher news, Raydium officials stated regarding the attack that occurred yesterday, the vulnerability seems to stem from a trojan attack and the leakage of the pool owner's account private key. The attacker accessed the mining pool owner's account and was able to call the withdrawalPNL function, which is used to collect transaction/protocol fees earned from swap trades in the pool. The affected pools include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, etc., with a total loss of approximately $4.395 million.

Additionally, as an immediate solution, the permissions of the previous mining pool owner have been revoked, and all accounts have been updated to new hardware wallet accounts, so the attacker no longer has access and cannot exploit these pools for further attacks. If the attacker returns the funds, a 10% reward will be offered to the hacker for the stolen funds, treated as a white hat bounty. (source link)

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.