DeFi protocol Raydium reports $2.2 million hack

Decentralized finance protocol Raydium on the Solana network reported an attack. The hacker gained access to the administrative account of the protocol and withdrew various assets worth over $2 million. On the night of December 16, the Raydium administrative account made about 1,000 transactions. The hacker was withdrawing liquidity from protocol pools without depositing the corresponding amount of LP tokens. Funds were withdrawn from a variety of liquidity pools, including pools with USDC, wSOL, Raydium and others. The Prism development team was the first to report the hacker attack. They warned their users to withdraw Prism and USDC tokens from the Raydium protocol. 40 minutes later, the developers of the affected protocol confirmed the hack. According to Ottersec, the hacker used the withdraw_pnl function in the Raydium smart contract. The feature is intended for developers to withdraw fees from liquidity pools, therefore allowing withdrawals without having to deposit the appropriate collateral. Raydium developers are currently investigating the incident.. It is not yet known whether funds will be refunded to affected users. In early December, the Ankr project was hacked on the Binance Smart Chain network. The hacker received at least $5 million, although the head of the Binance exchange said that assets worth $15 million were stolen. The site blocked stolen assets worth $3 million.