Blockchain security company Blockaid disclosed on X at 5:00 a.m. Eastern Time on May 6 that decentralized exchange (DEX) aggregator 1inch’s liquidity provider and market maker TrustedVolumes is being subjected to ongoing attacks. As of the time of Blockaid’s statement, losses have reached approximately $5.87 million.
Attack technical details: RFQ swap router contract vulnerability
According to Blockaid’s statement, the vulnerability exploited in this attack exists in TrustedVolumes’ custom RFQ (Request for Quote) swap router contract that it controls itself, and it differs from the technical components involved in the 1inch Fusion V1 incident on March 1, 2025.
Blockaid disclosed the breakdown of stolen assets as follows as of the time the statement was issued:
WETH (Wrapped Ether): 1,291.16
USDT: 206,282
WBTC (Wrapped Bitcoin): 16.939
USDC: 1,268,771
Involved entities: 1inch, TrustedVolumes, and Blockaid
According to Blockaid’s statement, the 1inch Fusion V1 attack incident in March 2025 and this latest incident were carried out by the same attacker. The technical vulnerabilities exploited in the two attacks are different; Fusion V1 and the TrustedVolumes RFQ swap router contract affected in this case are separate components.
Key data: DeFi security incident background
According to statistics from on-chain data platform DefiLlama, hacking attacks and exploits in April 2026 resulted in $635.2 million in losses, the highest single-month loss record since February 2025 (Bybit suffered losses of nearly $1.5 billion).
According to The Block, the attack on TrustedVolumes is the fifth major exploit incident since early May 2026. Major events in the same period include: Drift suffering a $285 million social engineering attack, and Kelp DAO suffering a $293 million vulnerability attack.
FAQ
When did this attack occur? What was the loss situation?
According to a statement released by blockchain security company Blockaid on X on May 6, 2026 (Eastern Time), TrustedVolumes is undergoing sustained attacks. As of the time of the statement, losses have reached approximately $5.87 million. Stolen assets include WETH, USDT, WBTC, and USDC.
What technical vulnerability did the attacker exploit?
According to Blockaid’s statement, the attacker exploited a vulnerability in TrustedVolumes’ custom RFQ (Request for Quote) swap router contract that it controls itself. It was deployed on the Ethereum blockchain and involves a different technical component from the vulnerability involved in the March 2025 1inch Fusion V1 incident.
Is this attack related to the 1inch incident in March 2025?
According to Blockaid’s statement, the two attacks were carried out by the same entity. In March 2025, the same attacker launched an attack against the 1inch Fusion V1 contract, causing losses of approximately $5 million; this time, the same attacker carried out a second attack against different contract components.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
California man Marlon Ferro was sentenced to 78 months for stealing cold wallets worth $250 million
According to an official statement released by the U.S. Department of Justice (DOJ) on May 7, 20-year-old California man Marlon Ferro was sentenced by a federal court to 78 months in prison for his involvement in a nationwide crypto asset social engineering scam, along with 3 years of supervised release and $2.5 million in restitution. The DOJ statement said the criminal group stole more than $250 million worth of crypto assets from multiple victims.
MarketWhisper50m ago
Aave liquidates the Kelp DAO attacker’s positions, and the Arbitrum vote approves unfreezing rsETH
According to Aave’s May 7 announcement, the Arbitrum DAO voting to unlock ETH related to the April 18 rsETH incident has reached the quorum, with over 1,600 addresses, receiving unanimous support from the community. On the same day, Aave, following its established governance procedures, completed the liquidation of the remaining rsETH positions in the Aave protocol held by the attacker of Kelp DAO.
MarketWhisper1h ago
1inch Liquidity Provider TrustedVolumes Under Attack on Ethereum, $5.87M Stolen
According to Blockaid, the 1inch market maker and resolver TrustedVolumes is under attack on Ethereum as of May 7. The vulnerability was detected in Blockaid's security monitoring system within a custom RFQ trading agent contract controlled by TrustedVolumes. Attackers have extracted
GateNews2h ago
Project Eleven Warning: 6.90 million BTC face a quantum threat, with Q-Day earliest in 2030
In the post-quantum security space, the startup Project Eleven published a report on May 6, warning that the earliest possible arrival of the quantum computers surpassing the critical point of modern cryptography (Q-Day) may be as early as 2030, with a probability exceeding 50% for occurrence by 2033. The report also estimates that, under certain conditions, around 6.9 million bitcoins face potential quantum attack risk, and it calls on the cryptocurrency ecosystem to accelerate the anti-quantum migration process.
MarketWhisper3h ago
Project Eleven Warns Q-Day Could Arrive as Early as 2030
Project Eleven published a report on Wednesday proposing that the inflection point of quantum computers breaking modern encryption, often referred to as "Q-Day," could come as early as 2030, with a breakthrough described as "more likely than not" by 2033. The startup, focused on post-quantum securit
CryptoFrontier4h ago
NYSE Tokenization Partners Warn of Synthetic Stock Token Risks
NYSE tokenization partners have issued a warning that synthetic stock tokens could mislead retail traders through misrepresentation of underlying equities and unauthorized use of company names, according to the warning.
Concerns About Offshore Synthetic Tokens
The partners identified three key ri
CryptoFrontier7h ago
