TrustedVolumes, a liquidity provider and market maker for decentralized exchange aggregator 1inch, is suffering an ongoing attack that has drained around $5.87 million, blockchain security firm Blockaid reported.
In a Wednesday post on social media platform X, Blockaid flagged that the exploit was affecting TrustedVolumes' resolver contract on the Ethereum blockchain.
According to Blockaid, the $5.87 million in drained funds included 1,291.16 WETH, 206,282 USDT, 16.939 WBTC, and 1,268,771 USDC.
The security firm stated that the attacker was the same entity responsible for the March 2025 exploit of 1inch Fusion V1, which drained around $5 million. However, Blockaid noted that the ongoing attack involves a different vulnerability related to a TrustedVolumes-controlled custom RFQ (request for quote) swap proxy.
Attacks on DeFi participants have surged significantly since last month, marked by the $285 million social engineering attack on Drift and the $293 million exploit on Kelp DAO.
According to data from DefiLlama, a total of $635.2 million was stolen in hacks and exploits in April, which was the largest monthly sum since February 2025, when hackers stole nearly $1.5 billion from Bybit. The attack on TrustedVolumes marks the fifth major exploit since the beginning of May.
This is a developing story.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2026 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
