Ongoing Exploit Drains $6.7 Million from TrustedVolumes Liquidity Provider

Severity: High (Score: 66.0)

Sources: www.halborn.com, Thedefiant, Castlecrypto.Gg, Theblock.Co

Summary

TrustedVolumes, a liquidity provider for 1inch, is experiencing an ongoing exploit that has drained approximately $6.7 million, as reported by Blockaid. The attack targets the resolver contract on the Ethereum blockchain, exploiting a vulnerability in a custom RFQ swap proxy. The stolen assets include 1,291.16 WETH, 206,282 USDT, 16.939 WBTC, and 1,268,771 USDC. Blockaid identified the attacker as the same entity responsible for a previous exploit in March 2025, although this attack utilizes a different vulnerability. 1inch confirmed that its systems and user funds remain unaffected, emphasizing that TrustedVolumes operates independently. The incident is part of a larger trend of increasing attacks on DeFi platforms, with significant losses reported in recent months. TrustedVolumes is considering a bug bounty to address the situation. This story is still developing. Key Points: • TrustedVolumes lost approximately $6.7 million due to an ongoing exploit targeting its resolver contract. • The exploit utilized a vulnerability in a custom RFQ swap proxy and is linked to a previous attack from March 2025. • 1inch confirmed that its infrastructure and user funds are secure and unaffected by the exploit.

Key Entities

• Data Breach (attack_type)
• Phishing (attack_type)
• 1inch (company)
• Bybit (company)
• Drift Protocol (company)
• Kelp DAO (company)
• TrustedVolumes (company)
• Drift (campaign)
• CWE-120 - Classic Buffer Overflow (cwe)
• 0x9bA0CF1588E1DFA905eC948F7FE5104dD40EDa31 (eth)
• Ethereum Mainnet (platform)
• Fusion V1 Bug (vulnerability)