Key Takeaways:
Blockaid, a Blockchain safety agency, recognized an ongoing $5.87 million exploit of TrustedVolumes utilizing Ethereum.1inch said that the assault had no impression on its protocols, infrastructure, and consumer funds.The exploit appears to be from the identical operator behind the Fusion-V1 incident of March 2025, however utilizing a special vulnerability.
A contemporary DeFi safety incident is placing liquidity infrastructure suppliers beneath strain after TrustedVolumes, an unbiased market maker utilized by a number of protocols, suffered a multi-million-dollar exploit on Ethereum.
The assault was first flagged by blockchain safety firm Blockaid, which stated the exploit was nonetheless lively whereas funds continued shifting from the compromised resolver contract.
TrustedVolumes Loses Almost $6 Million in Ethereum Assault
Based on Blockaid, the exploit focused a TrustedVolumes resolver contract tied to RFQ swap execution infrastructure on Ethereum.
🚨 Blockaid’s exploit detection system has recognized an on-going exploit on TrustedVolumes (1inch market maker / resolver, @trustedvolumes ).Chain: Ethereum
Sufferer contract: TrustedVolumes resolver — 0x9bA0CF1588E1DFA905eC948F7FE5104dD40EDa31
Exploiter:…
— Blockaid (@blockaid_) Might 7, 2026
The attacker pockets recognized by researchers reportedly extracted round $5.87 million in digital belongings, together with roughly 1,291 WETH, 206,000 USDT, almost 17 WBTC, and greater than 1.26 million USDC.
Safety researchers linked the exploit to a customized RFQ swap proxy managed by TrustedVolumes somewhat than any core 1inch protocol infrastructure.
The exploiter handle was additionally linked to the March 2025 Fusion V1 incident that beforehand impacted liquidity execution methods throughout the broader 1inch ecosystem. Nevertheless, Blockaid confused this newest exploit includes a separate vulnerability.
Learn Extra: $7.6M DeFi Exploit Rocks Rhea Finance as Hackers Manipulate Swimming pools in Hours
1inch Responds After Confusion Spreads On-line
Shortly after the stories unfold round crypto social media platforms’ 1inch issued a public assertion clarifying that 1inch protocols had been under no circumstances concerned, and subsequently they suffered no important loss.
The corporate stated neither 1inch nor any official 1inch protocol was compromised. It additionally said there was no impression on consumer funds, backend methods, or infrastructure.
1inch Says TrustedVolumes Operates Independently
1inch defined that TrustedVolumes acts as an unbiased liquidity supplier used throughout a number of DeFi platforms and isn’t unique to the 1inch ecosystem. The protocol added that it’s actively monitoring the state of affairs and cooperating with related safety groups the place vital.
That clarification grew to become essential after early stories incorrectly implied a direct protocol-level breach at 1inch itself. This replace was useful in streamlining the buying and selling and liquidity offering course of on the platform, permitting merchants to extra simply navigate and keep away from confuse.
DeFi Safety Dangers Proceed to Escalate
Following this assault, there are lots of different critical DeFi hacks in circulation this yr, with hackers primarily concentrating on liquidity routing methods, swap infrastructure, and execution layers versus simply attacking good contracts.
Safety corporations have warned that trendy DeFi structure has turn out to be considerably extra advanced as a result of protocols now depend on aggregators, RFQ engines, off-chain routing methods, and third-party liquidity integrations.
Knowledge from DefiLlama beforehand confirmed crypto exploits surged sharply in current months, with a whole lot of hundreds of thousands of {dollars} misplaced throughout DeFi protocols and infrastructure suppliers.
The TrustedVolumes incident is already being seen as one other main reminder that liquidity infrastructure and routing methods stay one of the vital weak areas inside decentralized finance.
Learn Extra: $290M KelpDAO Hack SHOCK: LayerZero Factors to Deadly DVN Flaw, Lazarus Suspected
