$6.7M Defi Hack Exposes Vulnerability in Trusted Volumes Platform
TrustedVolumes Suffers $6.7 Million DeFi Exploit Through Vulnerable Liquidity Resolver Contract
A recent security breach has exposed TrustedVolumes, a prominent liquidity provider in the decentralized finance (DeFi) space, to a $6.7 million exploit. The attack targeted the platform’s liquidity resolver contract on the Ethereum network, allowing unauthorized withdrawals of multiple digital assets.
Stolen Funds:
- Approximately 1,291 Wrapped Ether (WETH)
- 206,282 USDT
- 16.93 Wrapped Bitcoin (WBTC)
- 1.26 million USD Coin (USDC)
The breach demonstrates the ongoing vulnerability of DeFi systems to sophisticated attacks. According to blockchain analytics firm Blockaid, the exploit showed similarities to earlier attack patterns linked to a March 2025 incident involving 1inch Fusion V1. However, the latest breach utilized a distinct vulnerability vector, leveraging weaknesses in TrustedVolumes’ custom Request for Quote (RFQ) swap proxy infrastructure.
Security experts believe that the attacker behind the TrustedVolumes exploit appears to be a highly strategic operator rather than a random hacker, carefully targeting system weaknesses over time. This level of sophistication highlights the need for robust security measures and continuous monitoring within the DeFi space.
Response from 1inch:
1inch, a major DeFi aggregator, clarified that neither its core systems nor user funds were impacted by the breach. The platform stated that TrustedVolumes is only one of several liquidity resolvers used within its broader infrastructure, ensuring uninterrupted service through redundancy across resolvers.
The incident adds to a growing list of high-value DeFi exploits in recent months, underscoring persistent vulnerabilities in cross-chain and liquidity systems. At present, TrustedVolumes has initiated an investigation and is tracking associated wallet activity, but no confirmed recovery of stolen funds has been reported.
About Author
English