{"id":12283,"date":"2026-05-08T13:00:31","date_gmt":"2026-05-08T13:00:31","guid":{"rendered":"https:\/\/coinscap.info\/blog\/defi-platform-trustedvolumes-hit-by-6-7m-hack-as-2026-exploits-surge\/"},"modified":"2026-05-08T13:00:31","modified_gmt":"2026-05-08T13:00:31","slug":"defi-platform-trustedvolumes-hit-by-6-7m-hack-as-2026-exploits-surge","status":"publish","type":"post","link":"https:\/\/coinscap.info\/blog\/defi-platform-trustedvolumes-hit-by-6-7m-hack-as-2026-exploits-surge\/","title":{"rendered":"DeFi Platform TrustedVolumes Hit By $6.7M Hack As 2026 Exploits Surge"},"content":{"rendered":"<p style=\"font-weight: 400\">Another multi-million-dollar attack has hit the DeFi sector after liquidity provider and market maker TrustedVolumes fell victim to a smart contract exploit on Thursday night.<\/p>\n<h2 style=\"font-weight: 400\">TrustedVolumes Hit By $6.7M Hack<\/h2>\n<p style=\"font-weight: 400\">On Thursday, DeFi platform TrustedVolumes, one of 1inch liquidity providers and market makers, suffered a new exploit that drained millions of dollars in multiple assets from the project.<\/p>\n<p style=\"font-weight: 400\">According to reports from blockchain security firms PeckShield and Blockaid, the attacker stole approximately $6 million in Wrapped Ethereum (WETH), Wrapped Bitcoin (WBTC), USDT, and USDT after exploiting a vulnerability in the protocol\u2019s core signature validation logic, which allowed them to bypass authorization checks and forge trading orders.<\/p>\n<p style=\"font-weight: 400\">Notably, the hacker quickly exchanged all assets for 2.513 ETH on a Decentralized Exchange (DEX) and distributed them across three addresses. In an X post, TrustedVolumes <a href=\"https:\/\/x.com\/trustedvolumes\/status\/2052235435292910005?s=20\" target=\"_blank\" rel=\"noopener nofollow\">confirmed<\/a> the incident, sharing the addresses currently holding the stolen funds and updating the estimated loss to roughly $6.7 million.<\/p>\n<p><img decoding=\"async\" data-recalc-dims=\"1\" loading=\"lazy\" class=\"size-large wp-image-895043\" src=\"https:\/\/www.newsbtc.com\/wp-content\/uploads\/2026\/05\/Captura-de-pantalla-2026-05-07-a-las-8.59.05-a.-m.png?w=653&#038;resize=653%2C860\" alt=\"Defi\" width=\"653\" height=\"860\" \/><\/p>\n<p style=\"font-weight: 400\">The vulnerability was a TrustedVolumes-controlled custom RFQ (request for quote) swap proxy. Crypto researcher Humphrey <a href=\"https:\/\/x.com\/Humphre98361099\/status\/2052330328489103613?s=20\" target=\"_blank\" rel=\"noopener nofollow\">explained<\/a> that \u201cthe Custom RFQ Swap Proxy contract contains a function designed to manage the \u2018authorized order signer\u2019 whitelist. Such whitelist mechanisms are common in DeFi\u2014only addresses on the whitelist can issue valid transaction instructions on behalf of the protocol.\u201d<\/p>\n<p style=\"font-weight: 400\">However, he noted that \u201cthis registration function is public and lacks any permission modifiers.\u201d As a result, the attacker exploited this public function within the contract, registering themselves as an authorized order signer.<\/p>\n<p style=\"font-weight: 400\">\u201cSince any external address can call this function, it is equivalent to giving everyone the ability to make a copy of the safe\u2019s key,\u201d the researcher continued.<\/p>\n<h2 style=\"font-weight: 400\">Same Hacker, Different Attack<\/h2>\n<p style=\"font-weight: 400\">The online reports revealed that the attacker was the same hacker responsible for the $5 million 1inch Fusion V1 Settlement contract exploit in March 2025, which TrustedVolumes was the primary victim.<\/p>\n<p style=\"font-weight: 400\">Humprey highlighted that while the same individual carried out both attacks, they were significantly different on a technical level. According to the post, the 2025 vulnerability involved low-level EVM memory manipulation in the 1inch Fusion V1 Settlement contract.<\/p>\n<p style=\"font-weight: 400\">At the time, the hacker \u201cproactively initiated on-chain negotiations,\u201d offering to return the stolen assets for a white hat bounty. The DeFi platform accepted the proposal, and most of the funds were safely returned.<\/p>\n<p style=\"font-weight: 400\">Now, TrustedVolumes affirmed that it is \u201copen to constructive communication regarding a bug bounty and a mutually acceptable resolution.\u201d<\/p>\n<p style=\"font-weight: 400\">Decentralized exchange aggregator 1inch <a href=\"https:\/\/x.com\/1inch\/status\/2052288374451339544?s=20\" target=\"_blank\" rel=\"noopener nofollow\">clarified<\/a> that there was no impact on its systems, infrastructure, or user funds, explaining that \u201cTrustedVolumes operate independently as a liquidity provider, used by multiple protocols across the industry, and are not exclusive to 1inch.\u201d<\/p>\n<p>DeFi Exploits See Historic Surge<\/p>\n<p style=\"font-weight: 400\">This attack follows a wave of exploits that has shaken the DeFi sector over the past month. Last week, PeckShield revealed that the crypto space saw 40 major hacks in April, which drained approximately $647 million.<\/p>\n<p style=\"font-weight: 400\">This figure represents a 1,140% Month-over-Month (MoM) increase from March\u2019s $52.2 million. It also represents a 292% surge from the $165 million the DeFi sector lost during the first quarter of 2026.<\/p>\n<p style=\"font-weight: 400\">Notably, the top two incidents of the month, Drift Protocol\u2019s $285 million and KelpDAO\u2019s $290 million exploits, accounted for 91% of the funds lost last month. In addition, they now rank among the Top 10 hacks since 2021.<\/p>\n<p><img decoding=\"async\" data-recalc-dims=\"1\" loading=\"lazy\" class=\"size-large wp-image-895047\" src=\"https:\/\/www.newsbtc.com\/wp-content\/uploads\/2026\/05\/ETHUSDT_2026-05-07_10-40-01.png?w=860&#038;resize=860%2C563\" alt=\"DeFi, Ethereum, eth, ethusdt\" width=\"860\" height=\"563\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Another multi-million-dollar attack has hit the DeFi sector after liquidity provider and market maker TrustedVolumes fell victim to a smart contract exploit on Thursday night. TrustedVolumes Hit By $6.7M Hack On Thursday, DeFi platform TrustedVolumes, one of 1inch liquidity providers and market makers, suffered a new exploit that drained millions of dollars in multiple assets&hellip;<\/p>\n","protected":false},"author":1,"featured_media":12284,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[4798,2649,32,4682,4799,4543,38,42,4684,4800,4801,4802,4803],"class_list":["post-12283","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency-market-news","tag-1inch","tag-crypto-hacks","tag-cryptocurrency-market-news","tag-defi-exploits","tag-defi-platform","tag-drift-protocol-exploit","tag-eth","tag-ethusdt","tag-kelpdao-exploit","tag-trustedvolumes","tag-trustedvolumes-exploit","tag-wbtc","tag-weth"],"_links":{"self":[{"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/posts\/12283","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/comments?post=12283"}],"version-history":[{"count":0,"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/posts\/12283\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/media\/12284"}],"wp:attachment":[{"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/media?parent=12283"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/categories?post=12283"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscap.info\/blog\/wp-json\/wp\/v2\/tags?post=12283"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}