Solana Defends $63 as CME Adds SOL Index Futures, SOL Strategies Sells 65,001 Tokens

Solana News

Solana's largest decentralized exchange suffered a fresh setback this week after an attacker drained more than $1.34 million from five deprecated liquidity pools tied to Raydium. The breach struck a legacy automated market maker program that had been phased out since 2021, allowing the exploiter to siphon a mix of SOL, the dollar-pegged stablecoin USDC, and the platform's native RAY token. Raydium moved quickly to reassure its community, confirming that no active users were exposed because the affected pools had long been removed from its interface. The episode underscores persistent DeFi security risks even on retired code paths.

Security analysts traced the intrusion to a validation flaw buried in Raydium's earliest AMM design. On-chain data shows the attacker deployed a fake mint address that tricked the dormant program into accepting unauthorized liquidity-provider tokens, letting them withdraw reserves without detection. A pseudonymous Raydium contributor stressed that the incident stemmed from flawed logic in deprecated software rather than a private-key compromise or any authority-level breach. The firm's current mainnet programs, the contributor added, contain safeguards that block this class of attack. The exploit highlights how abandoned smart-contract code can remain a live attack surface on the blockchain long after a protocol upgrades.

On-chain investigators put the haul at roughly 150,177 RAY, about 5,603 SOL, and approximately 893,700 USDC, together worth close to $1.34 million. The thief's wallet, identified by an address ending in Bq33QVk, was initially financed through a withdrawal from a major centralized exchange before the stolen assets were bridged toward Ethereum. The breakdown — near $900,000 in USDC, around $357,000 in SOL, and $86,000 in RAY — illustrates how attackers increasingly target stablecoin-heavy pools for cleaner, more liquid proceeds. Forensic firms flagged the movement within hours, but rapid conversion left little window for intervention.

Tracking the outflow, security researchers reported that the attacker funneled roughly 810 ETH through Tornado Cash, the on-chain mixer designed to sever the link between sending and receiving wallets. An additional seven ETH was routed to the instant-swap service FixedFloat. The use of a mixer typically complicates recovery by obscuring the transaction trail. The pattern is notable given that the US Treasury formally removed Tornado Cash from its sanctions list in March 2025, restoring access to a tool that exploiters continue to favor for laundering proceeds. The laundering speed reinforced concerns that on-chain obfuscation remains a stubborn hurdle for victims.

Raydium pledged to make affected liquidity providers whole, drawing on its protocol treasury to fully cover the stolen amount. The reimbursement mirrors the exchange's response to a December 2022 incident, when an admin-key compromise drained active pools and a governance vote tapped buyback fees and vested team tokens to compensate users. Markets largely shrugged off the latest breach: the RAY token slipped less than 1% over 24 hours to trade near $0.57, signaling that traders viewed the exploit as contained. The measured reaction suggests confidence in Raydium's ability to absorb the loss without lasting damage to its altcoin liquidity base.

The Raydium breach lands amid a widening run of DeFi exploits across the industry. In April, liquid-staking platform KelpDAO and Solana-based Drift Protocol each disclosed incidents affecting close to $300 million in user funds. More recently, privacy network Zcash watched its native token plunge more than 40% within a day after developers revealed that a researcher had used a frontier AI model to surface a four-year-old vulnerability. Together the cases point to an emerging dynamic in which AI tooling accelerates the discovery of dormant flaws, raising the stakes for protocols carrying legacy code. Security teams now face pressure to audit retired programs as rigorously as live ones.

As of 11:22 UTC, COINOTAG's proprietary 42-indicator composite scoring engine rates SOL's $68.32 resistance at 71/100, driven by the confluence of the Fibonacci 0.214 retracement, the R2 pivot, and the Ichimoku Tenkan line, with the next barrier at $70.99 scoring 69/100. On the downside, the engine grades $64.49 support at 70/100 from a high-volume node and pivot point, ahead of stronger $60.13 support at 75/100 anchored by the Donchian lower band and swing low. With spot at $65.50 and RSI at 31.33 under a bearish MACD, derivatives data shows a crowded 3.41 long/short ratio (77.3% long) across $1.40 billion in open interest — a setup vulnerable to a long flush as the Fear & Greed Index sits at 12 (Extreme Fear). Reclaiming $68.32 would favor bulls, while a daily close below $60.13 invalidates the thesis.