Raydium Old Liquidity Pool Reportedly Exploited, With $1.34 Million Moved to Ethereum and Tornado Cash
On June 3, according to Foresight News citing on-chain investigator Specter, an old liquidity pool linked to Solana DeFi protocol Raydium was suspected of being exploited. The attacker reportedly stole around $1.34 million in assets, involving USDC, RAY, and wSOL.
Based on the currently disclosed on-chain path, the funds were later bridged to Ethereum and deposited into Tornado Cash. The incident is still being described as a suspected attack. At this stage, there has not yet been a complete public explanation from Raydium confirming the nature of the incident, the exact status of the affected pool, or the scope of user impact.
Based on the available information, the affected target does not appear to refer to all Raydium protocol assets, but rather a specific old liquidity pool. This distinction is important for understanding the potential spread of risk.
If the issue was limited to a legacy or low-activity pool, the impact may be concentrated among that pool and its corresponding liquidity providers. However, if the incident is later found to involve main routing, front-end calls, permission settings, or shared infrastructure, the scope of investigation could widen.
At present, the public information can only confirm the reported loss size, the stolen asset types, and the movement of funds. It is not enough to determine whether there were deeper contract-level or operational security issues.
After stealing the assets on Solana, the attacker quickly bridged the funds to Ethereum and then deposited them into Tornado Cash. This type of exit path usually makes later tracking, freezing, and recovery more difficult.
For the market, the direct impact of this type of event may not necessarily be a full protocol shutdown. The more important effect is that users may reprice risks around old pools, abandoned pools, and legacy contracts. Since more official disclosure is still missing, the market will need to watch Raydium’s technical explanation, details of the affected pool, and whether any remediation measures are introduced.
Why It Matters
The focus of this incident is not only the size of the loss. More importantly, it once again highlights the tail risk of old asset pools and historical deployments in DeFi protocols.
Even if a core protocol continues to upgrade, early pools, older contracts, or leftover permission settings can still become attack surfaces. For a leading liquidity infrastructure project in the Solana ecosystem, this type of incident can directly affect liquidity providers’ risk appetite toward non-core pools. It may also push projects to clean up legacy pools and front-end access points more aggressively.
Another important issue is the fund flow. The stolen assets were bridged to Ethereum and sent to Tornado Cash, suggesting that the attacker had a mature exit route. For law enforcement cooperation, exchange risk control, and on-chain tracking teams, the next focus is not only attribution, but also whether tainted funds may re-enter CEXs, aggregators, or OTC channels.
WEEX View
The core question is not simply whether Raydium was hacked. The real issue is whether Raydium can isolate the incident as a single old-pool accident.
If the project later confirms that only an abandoned pool or low-TVL historical position was affected, the market may price the incident as an edge risk, and liquidity in major trading pairs may not be significantly damaged. But if the investigation points to front-end routing, pool migration logic, permission management, or shared market-making components, then this would no longer be a one-off bad debt event. It could trigger a broader repricing of older liquidity infrastructure across Solana.
For front-line CEX businesses, the most practical indicators are RAY-related spot depth, on-chain deposit and withdrawal patterns, and whether the stolen funds follow a typical laundering path of theft, bridging, mixing, small-value splitting, and re-entry into exchanges.
The commercial interests of the project team, on-chain investigators, bridge protocols, and centralized exchanges are not fully aligned. The project team has an incentive to narrow the incident to an old pool in order to protect core pools and brand confidence. Bridge and downstream protocols are more concerned about being labeled as laundering channels. CEX risk teams need to determine whether tainted addresses could enter deposit systems, affecting asset deposit efficiency and market maker inventory allocation.
If this firewall fails, the issue may move beyond a single pool security incident. It could become a broader problem involving cross-chain tainted fund identification, a liquidity discount for RAY spot markets, and rising risk premiums for long-tail Solana DeFi assets.
The next three variables are the most important to watch. First, whether Raydium discloses the affected pool address and confirms whether related access points have been removed. Second, whether the stolen funds continue to be split, swapped, or routed back toward centralized platforms. Third, whether market makers actively reduce inventory exposure in RAY, wSOL, or related long-tail trading pairs.
If these details remain unclear, the market may default to pricing in a worse-case scenario. Legacy pool assets could be marginalized first, while arbitrage boundaries narrow quickly.
Disclaimer: This content is provided for general branding and informational purposes only and doesn't constitute financial, investment, legal, or tax advice. Any events, rewards, online events, or related information mentioned herein should not be considered a recommendation, solicitation, or invitation to purchase, sell, trade, or otherwise deal in any crypto assets or to use any services. Crypto assets are highly volatile and may result in loss. WEEX services and online events may not be available in all regions and are subject to applicable laws, regulations, and eligibility requirements. You are responsible for ensuring that your use of WEEX services complies with local laws and for carefully assessing the risks before participating in any crypto-related activities.
You may also like

What is SCEX? The Cryptocurrency Exchange for Vietnam's Market by Sacombank

Major Update for ChatGPT: Cross-Platform Functionality, One-Click Website Creation, and Lower Costs

BTC Challenges 64,000 After Breaking 63,000, Market Trading 'Manageable Risks'

As the Bubble Bursts, Who Dominates Attention in the AI Era? A 2026 Guide to Influential AI KOLs in China and the UK

Old Money in Crypto Shifts: Paradigm Raises $1.2 Billion, Half Bet on AI and Robotics

Bitdeer unveils $36M Nevada factory to shake up Bitcoin mining

Perplexity Fine-Tuned a Chinese AI Model to Match Claude Opus 4.8 at One-Third the Cost

Bank of Korea defends bank-first stablecoin plan amid bill deadlock

JPMorgan says bitcoin's main risk isn't Strategy, but blockchain adoption that doesn't benefit public chains and tokens

Fear & Greed Index Today: What Extreme Fear Means for Crypto, Stocks and Gold

Labour MPs Push to Make UK Crypto Donation Ban Permanent

Supreme Court ruling expanding Trump's authority over federal agencies raises questions for SEC, CFTC as crypto rulemaking advances

'Bottom building in progress': Analysts say bitcoin holder capitulation signals late-stage bear market

A Comprehensive Analysis: Starting from 1996, Who is Laying the Foundation for the Next Generation of Capital Markets

Luke Dashjr, the Biggest Anti-Spammer of Bitcoin, Inscribed Phrases on the Network in 2011

Whales bought 270,000 BTC while ETFs bled $7 billion. One side is wrong

The crypto IPO class of 2025-26 is down as much as 89%. Autopsy of a listing boom

Robinhood Chain Mining Guide: A Comprehensive Tutorial from Cross-Chain to Memecoin

BitGo CEO says single-digit percentages of bitcoin's supply are 'probably right' for large holders amid Strategy's sale

Beyond Private Keys: How to Safeguard the Security Boundaries of Web3 from Wallets, L2 to Supply Chains?

Vanguard Enters the Market, Opening a New Crypto Gateway for 50 Million Traditional Investors

Why the OUSD Alliance of 150 Companies Still Cannot Shake USDT and USDC?

Citigroup Analysis: Is There Still 47% Upside for Nvidia? Can Rubin and CPO Deliver?
WEEX API Fast Connect: Turn Every Sign-In Into a Live Trader in Under 10 Seconds
WEEX API Fast Connect is a one-click OAuth authorization system that lets your users link their WEEX account without ever touching an API key. Frictionless onboarding, faster conversions, higher retention — built for WEEX Broker partners.

Bitcoin's dwindling exchange reserves don't pack the same bullish punch anymore

From Le Mans to the Rollercoaster: Carl Moon Takes On Portimão
Crypto world renowned KOL and racing driver Carl Moon, backed by WEEX, heads to the Ferrari Challenge Portugal round at the Algarve International Circuit, July 16–19, fresh off a podium finish at Le Mans. Here's why this race is one to watch.
Fast execution. Split-second accuracy. Security that never blinks. That's WEEX — and that's exactly how Carl races.

The Downfall of a Public Company: A $1.46 Billion Bet on WLFI, $540 Million Went to the Trump Family

Dragonfly Partner: BTC is Intergenerational Wealth, Optimistic About ETH and SOL

Goldman Sachs Calls to Go Long on Chinese AI: $4 Trillion Market Value Behind, Global Funds Only Allocated 1.2%











