Even though the attackers were the same as in 2025, the current attack focuses on a different vulnerability related to a custom RFQ proxy.
TrustedVolumes, a 1inch market maker and resolver, was recently hit by an exploit detected by an on-chain security platform, Blockaid. According to Blockaid, the victim contract was TrustedVolumes’ resolver contract on Ethereum .
The attacker extracted around $5.87 million, including 1,291.16 WETH, 206,282 USDT, 16.939 WBTC, and 1,268,771 USDC. Not the first time In retrospect, this was not the first instance of such an exploit happening. In fact, the attacker was the same operator who had exploited 1inch Fusion V1, which had cost about $5 million just last year, in March 2025. This time, however, things are a little different.
Blockaid pointed out that the ongoing attack involves a different vulnerability pertaining to a custom RFQ proxy that is controlled by TrustedVolumes. As expected, TrustedVolumes also took to X and noted, We were recently exploited.
Additionally, the liquidity provider also shared addresses of three wallets holding the stolen funds. $3 million, $3 million, and $700K had been collected by each of the three wallets, respectively. TrustedVolumes added, We are open to constructive communication regarding a bug bounty and a mutually acceptable resolution. Scams are increasing at an alarming rate Even so, 2026 is only halfway over, and the increase in scams has been startling.
As previously reported by AMBCrypto, the DeFi space has already lost almost $770 million so far this year, following a $169 million containment in Q1. In April alone, there were nearly 30 incidents totaling over $600 million. Because of this rise in scams, the FBI, Dubai Police Department, and China's Ministry of Public Security recently worked together to apprehend the hackers.
As a result, the trio was successful in evacuating at least nine scam centers related to cryptocurrency fraud and arresting 276 people. Final Summary $5.87 million was depleted by the TrustedVolumes attack, which included 1,291.16 WETH, 206,282 USDT, 16.939 WBTC, and 1,268,771 USDC. The surge in scams indicates that losses are hitting all-time highs in just the first five months of 2026.
Exploit Ethereum Ambcrypto Crypto News
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Drift Protocol Announces Recovery Plan for $295 Million ExploitDrift Protocol has unveiled a detailed plan to compensate users affected by a $295 million exploit, attributing the attack to a DPRK-affiliated threat actor. The plan involves a recovery token system funded by protocol revenue, Tether support, and partner capital, with a relaunch targeted for Q2 2026.
Read more »
Kelp DAO Accuses LayerZero of Infrastructure Failures in $300M Exploit, Announces Migration to Chainlink CCIPKelp DAO disputes claims that its configuration caused the $300M exploit, blaming LayerZero's infrastructure vulnerabilities. The protocol will migrate to Chainlink CCIP, citing security concerns and systemic risks in cross-chain infrastructure.
Read more »
Ekubo Exploit Exposes Cross-Chain Routing Risks in DeFi InfrastructureA recent security incident involving Ekubo, a decentralized exchange on Starknet, highlights vulnerabilities in DeFi’s approval-based structure and cross-chain routing systems. Attackers drained 17 WBTC by exploiting router contracts, converting the funds into $1.36 million worth of ETH before routing them through Tornado Cash. The exploit underscores growing concerns about approval contagion and systemic risks in DeFi infrastructure.
Read more »
KelpDAO dumps LayerZero for Chainlink CCIP after $293mln exploitKelpDAO blamed LayerZero's failure over the recent attack and announced plans to migrate from LayerZero to Chainlink's CCIP.
Read more »
Ethena, Kelp DAO diverge on root cause of $300M LayerZero exploitEthena and Kelp DAO differ on the cause of the $300M LayerZero exploit, highlighting a growing debate over cross-chain security design.
Read more »
Aave liquidates attacker positions in rsETH exploit recovery effortAave liquidates attacker rsETH positions on Ethereum and Arbitrum, advancing recovery efforts after the April exploit.
Read more »