Coinpaper
2026-05-07 11:10:44

1inch Distances Itself From $6.7M TrustedVolumes Exploit

Security firms Blockaid and CertiK said the attacker exploited a publicly accessible function to register as an approved order signer before draining funds through malicious transactions. The stolen assets included Wrapped Ether, USDT, Wrapped Bitcoin, and USDC. TrustedVolumes Exploit Drains $6.7M TrustedVolumes, an independent market maker and resolver used by decentralized exchange aggregator 1inch Fusion, confirmed that it suffered a major exploit that resulted in approximately $6.7 million in stolen crypto assets. The company revealed that the funds are currently spread across three Ethereum wallets, with two of the addresses holding roughly $3 million each and a third wallet containing close to $700,000. In a statement that was shared on X, TrustedVolumes said it was willing to engage in “constructive communication” with the attacker and appeared open to negotiating a bug bounty arrangement or another mutually acceptable resolution. The exploit first came to light after blockchain security firm Blockaid identified suspicious activity involving TrustedVolumes’ Ethereum-based swap infrastructure. According to Blockaid, the attack targeted a custom swap system controlled by TrustedVolumes and initially resulted in an estimated loss of around $5.87 million. The stolen assets reportedly included Wrapped Ether, USDT, Wrapped Bitcoin, and USDC. The estimate later increased as more information became available about the attacker’s movements across multiple wallets. Security researchers later explained that the exploit involved the attacker registering themselves as an approved order signer through a publicly accessible function. Once authorized, the attacker was able to execute malicious orders that drained funds from the affected infrastructure. Blockchain security company CertiK said the exploit proved how vulnerabilities in third-party infrastructure providers can create serious risks in the decentralized finance ecosystem. Despite TrustedVolumes’ role in supporting 1inch Fusion trades, 1inch quickly clarified that its own systems were never compromised. The platform stated that its protocols, infrastructure, and user funds remained completely unaffected by the exploit. 1inch co-founder Sergej Kunz explained that TrustedVolumes operates independently and serves multiple protocols rather than functioning exclusively for 1inch. Security researcher Vladimir Sobolev also pointed out that ordinary 1inch users were never at risk. However, he warned that the incident sheds some light on weaknesses across the crypto industry, particularly regarding the lack of safeguards like monitoring systems, circuit breakers, and emergency shutdown mechanisms. Interestingly, investigators said that the same operator behind the March 2025 exploit involving outdated 1inch Fusion V1 resolver contracts was responsible for this latest attack. However, researchers said the vulnerability exploited this time was different from the previous incident.

Get Crypto Newsletter
Read the Disclaimer : All content provided herein our website, hyperlinked sites, associated applications, forums, blogs, social media accounts and other platforms (“Site”) is for your general information only, procured from third party sources. We make no warranties of any kind in relation to our content, including but not limited to accuracy and updatedness. No part of the content that we provide constitutes financial advice, legal advice or any other form of advice meant for your specific reliance for any purpose. Any use or reliance on our content is solely at your own risk and discretion. You should conduct your own research, review, analyse and verify our content before relying on them. Trading is a highly risky activity that can lead to major losses, please therefore consult your financial advisor before making any decision. No content on our Site is meant to be a solicitation or offer.