Trusted Amounts $6.7M DeFi Finder Confirms Exploitation
TrustedVolumes, an independent market maker and solution provider used by 1inch Fusion, confirmed the exploit and said that approximately $6.7 million of stolen funds were held in three Ethereum addresses.
On Thursday X Post, the market creator said that the stolen funds were divided into three wallets, two addresses each containing about 3 million dollars and the third about 700,000 dollars. TrustedVolumes says it's open to “developer communication” on bug bounty and a “mutually acceptable solution.”
The confirmation comes after Web3 security firm Blockaid said its exploit detection system has identified an ongoing Ethereum exploit targeting trusted volumes. Blockaid said the attack involved a custom swap infrastructure controlled by TestedVolumes. Blockaid initially released an estimated $5.87 million worth of funds, including Wrapped Ether, USDT, Wrapped Bitcoin, and USDC.
Blockchain security company Certike said the attacker registered as an authorized order signer with a public function, then used that authorization to execute orders that transferred funds from targets.
The incident highlights the concerns surrounding the third-party infrastructure used in decentralized foreign exchange execution, where solution providers and market makers can create their own contracts even though the underlying protocol and ordinary users are not directly affected. TrustedVolumes operates independently as a liquidity provider for multiple protocols, including 1inch, which claims its own systems, infrastructure, and user funds are untouched.
Cointelegraph reached out to Loyalty Volus for further comment, but did not receive a response by publication.
Source: Trusted Vol
1″ says none of its protocols have been breached.
Reports on X-Post linking 1inch directly to the exploits of trusted volumes are “false,” adding that “neither 1inch nor any of the 1inch protocols were involved.” “There is no impact on 1″ systems, infrastructure or user funds,” the platform said.
1inch co-founder Sergej Kunz also said that TrustedVolumes operates independently and is not exclusive to 1inch. “While it's true that 1inch uses TrustedVolumes as a solution provider, we're one of many,” Kunz said.
Kunz called the exploit frame incident with 1inch “disturbing and damaging,” adding that 1inch is monitoring the situation with security partners and will assist if necessary.
Related: Andre Cronje says DeFi is ‘no longer DeFi' as builders debate circuit breakers
Security researcher Vladimir Sobolev, known as X-Officer Notes, told Cointelegraph that “there is no risk for 1” users, the exploit is only related to TrustedVolumes.
Sobolev said the exploit points to widespread weaknesses in crypto security practices, vulnerabilities that can lead to immediate losses.
Sobolev told Cointelegraph, “We lack security in general. Blockchains get paid immediately. We need to pay more attention to kill switches, control, circuits, etc.”
Both Blockaid and Sobolev mentioned that the attack was carried out by the operator responsible for the March 2025 1inch Fusion V1 exploit. However, Blockade said the latest attack involved a different vulnerability.
In the year As of March 2025, 1inch said a vulnerability in the Fusion v1 implementation affected solution providers using their own contracts, while end-user funds remained safe. SlowMist later recovered about $5 million in stolen assets, including USDC and Wrapped Ether.
1inch and Decurity's Damage Solution spoke with the attacker, who returned most of the stolen money under a bug bounty agreement, according to 1inch and Decurity's postmortem.
Magazine: North Korea Denies Crypto Hacking, Appbit Bank Investigates Ripple: Asia Express
