Raydium: The attack or loss due to private key leakage resulted in a total loss of approximately $4.395 million
ChainCatcher news, Raydium officials stated regarding the attack that occurred yesterday, the vulnerability seems to stem from a trojan attack and the leakage of the pool owner's account private key. The attacker accessed the mining pool owner's account and was able to call the withdrawalPNL function, which is used to collect transaction/protocol fees earned from swap trades in the pool. The affected pools include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, etc., with a total loss of approximately $4.395 million.Additionally, as an immediate solution, the permissions of the previous mining pool owner have been revoked, and all accounts have been updated to new hardware wallet accounts, so the attacker no longer has access and cannot exploit these pools for further attacks. If the attacker returns the funds, a 10% reward will be offered to the hacker for the stolen funds, treated as a white hat bounty. (source link)