Raydium Raided for $1.34M by a Wallet Called Bq33Q — Legacy Pools Strike Back 🪦

Raydium, a Solana-based decentralized exchange, suffered an exploit on Wednesday that drained more than $1.34 million from five deprecated liquidity pools tied to its legacy automated market maker program, the firm confirmed. The attacker, identified by a Solana address ending in "Bq33QVk," bypassed validation logic in the phased-out program and minted new liquidity provider tokens, making off with nearly $900,000 in USDC, approximately $357,000 in SOL, and $86,000 in RAY. Pseudonymous Raydium contributor 0xInfra wrote on X that "no current users of Raydium are affected by this exploit or would have been able to interact with these pools through the UI since their deprecation," and added that the firm's mainnet programs are not exposed to the same vulnerability. Raydium said the lost funds will be repaid from its treasury.

The exploit targeted Raydium's AMM V3 program, which the team previously phased out in 2021. According to 0xInfra, the incident was "not a key compromise or authority-level issue," and the attacker was able to remove liquidity from the legacy contract because it remained live despite deprecation. The disclosure prompted Raydium to urge users not to interact with the affected program while the team investigates.

The attack extends a string of recent exploits across decentralized finance. In April, KelpDAO and Solana-based Drift Protocol each suffered incidents affecting just shy of $300 million in funds. Last week, privacy network Zcash saw its native token $ZEC fall roughly 38% in 24 hours after developers disclosed that a security researcher used Anthropic's Claude Opus 4.8 to find a four-year-old vulnerability in one of its privacy pools. The Raydium exploit came one day after Anthropic released an upgraded version of Mythos, its cybersecurity-focused model that the company describes as having "unprecedented cybersecurity capabilities," alongside a neutered public release called Claude Fable 5. There is no evidence that AI tooling was used in the Raydium exploit.