Nikolas Sargeant
TL;DR
- TrustedVolumes, a market maker for 1inch, is under attack, with $5.87 million drained from its resolver contract on the Ethereum blockchain.
- The exploit, linked to a March 2025 1inch attack, targets a different vulnerability in TrustedVolumes’ custom RFQ swap proxy.
1inch Liquidity Provider TrustedVolumes Hit with Ongoing Exploit
TrustedVolumes, a liquidity provider and market maker for decentralized exchange aggregator 1inch, is currently facing an active attack that has stolen approximately $5.87 million, according to blockchain security firm Blockaid.
While announcing this on X, Blockaid stated that the exploit is targeting TrustedVolumes' resolver contract on the Ethereum blockchain.
🚨 Blockaid's exploit detection system has identified an on-going exploit on TrustedVolumes (1inch market maker / resolver, @trustedvolumes ).
— Blockaid (@blockaid_) May 7, 2026
Chain: Ethereum
Victim contract: TrustedVolumes resolver — 0x9bA0CF1588E1DFA905eC948F7FE5104dD40EDa31
Exploiter:…
The stolen funds include 1,291.16 WETH, 206,282 USDT, 16.939 WBTC, and 1,268,771 USDC, as reported by Blockaid.
The security firm also pointed out that this attack appears to be the work of the same entity responsible for the March 2025 exploit of 1inch Fusion V1, which resulted in the loss of about $5 million.
However, this new attack exploits a different vulnerability tied to a TrustedVolumes-controlled custom RFQ (request for quote) swap proxy.
DeFi-related attacks have surged in recent weeks, with major incidents including the $285 million social engineering attack on Drift and a $293 million exploit on Kelp DAO.
According to data from DefiLlama, $635.2 million was stolen in hacks and exploits in April alone, marking the largest monthly total since February 2025, when nearly $1.5 billion was stolen from Bybit.
The ongoing attack on TrustedVolumes is now the fifth significant exploit since the start of the month.
