Another major DeFi attack has shaken the crypto market. A liquidity provider tied to 1inch’s Trusted Volumes system has reportedly been exploited for nearly $5.87 million, with attackers draining millions in WETH, USDT, WBTC, and USDC.
More concerningly, blockchain security firms warn that the exploit may still be ongoing, meaning additional losses could still occur.
So, how did the exploit happen?
How the Trusted Volumes Exploit Happened
Security researchers at Blockaid revealed that attackers exploited a vulnerability in the Trusted Volumes resolver contract. This vulnerability allowed them to execute malicious orders directly from users’ wallets.
The attack worked by abusing a public function in the contract. Using this function, the attacker was able to add themselves as an “Allowed Order Signer.” Once they gained this permission, they could use old wallet approvals that users had previously granted to move funds.
What made the exploit especially dangerous is that users did not need to approve any new transaction for the attack to happen. Existing token approvals alone were enough for attackers to access and transfer assets.
The incident once again highlights one of DeFi’s biggest hidden risks: unlimited token approvals that stay active even after users stop using a protocol.
According to Blockaid, the attacker behind this exploit appears to be linked to the March 2025 1inch Fusion V1 attack.
Nearly $5.9 Million Drained
Further blockchain security firm PeckShield reported that the attacker has already extracted:
- 1,291.16 WETH
- 206,282 USDT
- 16.939 WBTC
- 1,268,771 USDC
The total stolen amount currently stands at approximately $5.87 million.
Researchers identified the affected resolver contract and vulnerable proxy linked to the March 2025 1inch Fusion V1 attack. Security experts also discovered strong similarities between the two incidents while tracing the exploiter wallet connected to the attack.
DeFi Hacks Continue to Rise in 2026
The TrustedVolumes exploit is now reportedly the fifth major DeFi exploit over the last one month alone, extending what is becoming an increasingly dangerous period for decentralized finance platforms.
The overall DeFi market has already witnessed several massive hacks in recent weeks, including:
- A reported $285 million exploit targeting Drift Protocol
- A separate $293 million attack involving Kelp DAO
According to data from DefiLlama, total crypto assets stolen in April 2026 surged to approximately $635.2 million, the highest level since the massive 2025 Bybit exploit where nearly $1.5 billion was drained.
Was this writing helpful?
Story Ends Here
Trust with CoinPedia:
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
Investment Disclaimer:
All opinions and insights shared represent the author’s own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored and Advertisements:
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
Read the Next News
