Raydium Legacy AMM V3 Hack 2026 — $12M Exploit Analysis

Deprecated V3 pools with unpatched vulnerability drained for $12M

Details

Full Description

An attacker targeted deprecated Raydium Legacy AMM V3 pools that had not been migrated to newer versions. The exploit involved a flash loan attack where the attacker borrowed a large amount of SOL, manipulated the reserves in legacy pools, and then executed swaps that benefited from miscalculated ratios due to the outdated pricing logic. Despite Raydium's warnings to migrate liquidity, significant funds remained in these legacy pools, resulting in a $12 million loss.

Laundering Analysis

The attacker converted stolen SPL tokens to SOL through Jupiter aggregator, then bridged to Ethereum via Wormhole. On Ethereum, funds were swapped for ETH and deposited into Tornado Cash. A portion was sent to centralized exchanges with weak KYC requirements. The rapid movement and use of established privacy protocols made recovery unlikely.

Sources

Related Hacks

Back to Browse