TrustedVolumes exploit drains $5.87M; suspect links to 1inch hack
Blockaid reports TrustedVolumes’ Ethereum resolver was exploited for about $5.87M, draining WETH, USDT, WBTC and USDC; attacker matches operator from a March 2025 1inch Fusion V1 exploit.
On-chain security firm Blockaid flagged an exploit of TrustedVolumes’ resolver contract on Ethereum that removed about $5.87 million in assets. The breach was detected after unusual activity on the resolver, a component used by the 1inch market maker and resolver service.
The attacker withdrew 1,291.16 WETH, 206,282 USDT, 16.939 WBTC and 1,268,771 USDC, according to Blockaid’s on-chain report. Blockaid identified the operator behind the transactions as matching the actor responsible for a March 2025 exploit of 1inch Fusion V1.
Blockaid said the vulnerability in the TrustedVolumes incident differs from the earlier Fusion V1 case. The current exploit targeted a custom RFQ (request-for-quote) proxy controlled by TrustedVolumes rather than the flaw used in the Fusion V1 incident.
TrustedVolumes posted a brief notice on X acknowledging the incident: “We were recently exploited.” The liquidity provider also published addresses for three wallets holding the stolen funds and reported the wallets had collected roughly $3 million, $3 million and $700,000 respectively. TrustedVolumes added it is willing to discuss remediation and wrote, “We are open to constructive communication regarding a bug bounty and a mutually acceptable resolution.”
On-chain tracing shows the funds were consolidated across the three addresses. Security teams and blockchain analysts continue to monitor movements and token conversions. As of the latest updates, no law enforcement attribution or arrests linked to this specific incident have been announced.
The exploit occurs amid a rise in losses reported in decentralized finance this year. Industry figures show nearly $770 million lost in 2026 so far, with about $169 million recorded in the first quarter and nearly 30 incidents in April that together exceeded $600 million. International law enforcement agencies, including the FBI, the Dubai Police Department and China’s Ministry of Public Security, have coordinated operations that led to the disruption of several scam centers and the arrest of multiple suspects.
Investigations into the exact mechanics of the TrustedVolumes exploit and any operational links to prior attacks are ongoing. Blockaid and TrustedVolumes said they will continue to monitor on-chain activity and cooperate with parties working on recovery and remediation.
Articles by this author
