DeFi Platform TrustedVolumes Hit By $6.7M Hack As 2026 Exploits Surge
Analysis
Price Impact
HighThe defi sector is experiencing a surge in hacks, with this $6.7m exploit on trustedvolumes adding to the growing concern. this incident, similar to a previous one involving the same hacker, highlights ongoing vulnerabilities in smart contract security. the overall increase in defi exploits can erode investor confidence and lead to a bearish sentiment for the broader defi market and related tokens.
Trustworthiness
HighPrice Direction
BearishIncreased security risks and a surge in defi exploits generally lead to a bearish outlook for the sector. investors become more risk-averse, potentially moving funds away from defi protocols and towards more established or perceived safer assets. this could put downward pressure on eth, wbtc, and usdt if they are seen as indirectly exposed or if overall market sentiment turns negative.
Time Effect
LongWhile the immediate impact might be felt in the short term, the continuous increase in defi exploits (as indicated by the surge in april) suggests a persistent systemic risk. this could have a prolonged negative effect on investor confidence and the growth of the defi sector over a longer period until more robust security measures are widely adopted and proven effective.
Original Article:
Article Content:
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and publishing How Our News is Made Strict editorial policy that focuses on accuracy, relevance, and impartiality Ad discliamer Morbi pretium leo et nisl aliquam mollis. Quisque arcu lorem, ultricies quis pellentesque nec, ullamcorper eu odio. Another multi-million-dollar attack has hit the DeFi sector after liquidity provider and market maker TrustedVolumes fell victim to a smart contract exploit on Thursday night. Related Reading Solana Eyes New Leg Up After Triangle Breakout – Is $96 The Next Stop? 22 hours ago TrustedVolumes Hit By $6.7M Hack On Thursday, DeFi platform TrustedVolumes, one of 1inch liquidity providers and market makers, suffered a new exploit that drained millions of dollars in multiple assets from the project. According to reports from blockchain security firms PeckShield and Blockaid, the attacker stole approximately $6 million in Wrapped Ethereum (WETH), Wrapped Bitcoin (WBTC), USDT, and USDT after exploiting a vulnerability in the protocol’s core signature validation logic, which allowed them to bypass authorization checks and forge trading orders. Notably, the hacker quickly exchanged all assets for 2.513 ETH on a Decentralized Exchange (DEX) and distributed them across three addresses. In an X post, TrustedVolumes confirmed the incident, sharing the addresses currently holding the stolen funds and updating the estimated loss to roughly $6.7 million. TrustedVolumes confirms exploit. Source: X The vulnerability was a TrustedVolumes-controlled custom RFQ (request for quote) swap proxy. Crypto researcher Humphrey explained that “the Custom RFQ Swap Proxy contract contains a function designed to manage the ‘authorized order signer’ whitelist. Such whitelist mechanisms are common in DeFi—only addresses on the whitelist can issue valid transaction instructions on behalf of the protocol.” However, he noted that “this registration function is public and lacks any permission modifiers.” As a result, the attacker exploited this public function within the contract, registering themselves as an authorized order signer. “Since any external address can call this function, it is equivalent to giving everyone the ability to make a copy of the safe’s key,” the researcher continued. Same Hacker, Different Attack The online reports revealed that the attacker was the same hacker responsible for the $5 million 1inch Fusion V1 Settlement contract exploit in March 2025, which TrustedVolumes was the primary victim. Humprey highlighted that while the same individual carried out both attacks , they were significantly different on a technical level. According to the post, the 2025 vulnerability involved low-level EVM memory manipulation in the 1inch Fusion V1 Settlement contract. At the time, the hacker “proactively initiated on-chain negotiations,” offering to return the stolen assets for a white hat bounty. The DeFi platform accepted the proposal, and most of the funds were safely returned. Now, TrustedVolumes affirmed that it is “open to constructive communication regarding a bug bounty and a mutually acceptable resolution.” Decentralized exchange aggregator 1inch clarified that there was no impact on its systems, infrastructure, or user funds, explaining that “TrustedVolumes operate independently as a liquidity provider, used by multiple protocols across the industry, and are not exclusive to 1inch.” DeFi Exploits See Historic Surge This attack follows a wave of exploits that has shaken the DeFi sector over the past month. Last week, PeckShield revealed that the crypto space saw 40 major hacks in April, which drained approximately $647 million. Related Reading $150M Crypto Ponzi Crumbles: $41.5M Frozen In DSJ Exchange Collapse 1 day ago This figure represents a 1,140% Month-over-Month (MoM) increase from March’s $52.2 million. It also represents a 292% surge from the $165 million the DeFi sector lost during the first quarter of 2026. Notably, the top two incidents of the month, Drift Protocol ’s $285 million and KelpDAO’ s $290 million exploits, accounted for 91% of the funds lost last month. In addition, they now rank among the Top 10 hacks since 2021. ETH’s performance in the one-week chart. Source: ETHUSDT on TradingView Featured Image from Unsplash.com, Chart from TradingView.com