Raydium Exploiter Drains Millions from Liquidity Pools
According to Solana swap aggregator Prism, which first noticed the hack, earlier today an entity began draining liquidity pools on Raydium using an admin wallet. Security firm OtterSec later hypothesized that the attacker somehow gained access to private keys granting access to Raydium smart contracts.
Careless.
Note that the attack was on a few pools, not all of them, as the pool owner private key was compromised, not the broader platform upgrade authority account, as that is multisig.
How this happened remains a mystery as the affected pools look fairly large, hence the pool owner seems likely to be someone from the team. This part we don't know, so is rational speculation.
Another joy for so-called DeFi, and another kick in the teeth for alleged "decentralisation". In what way is a single point of failure "decentralised"?