1inch Denies Protocol Exploit After Trusted Volumes Attack Drains $5.87 Million

Another major DeFi attack has shaken the crypto market. A liquidity provider tied to 1inch’s Trusted Volumes system has reportedly been exploited for nearly $5.87 million, with attackers draining millions in WETH, USDT, WBTC, and USDC. 

What’s more shocking while is two of the 1inch Responded to the exploited, Denies Protocol Exploit Claims, says TrustedVolumes operates independently as a liquidity

How the Trusted Volumes Exploit Happened

Security researchers at Blockaid revealed that attackers exploited a vulnerability in the Trusted Volumes resolver contract. This vulnerability allowed them to execute malicious orders directly from users’ wallets.

The attack worked by abusing a public function in the contract. Using this function, the attacker was able to add themselves as an “Allowed Order Signer.” Once they gained this permission, they could use old wallet approvals that users had previously granted to move funds.

What made the exploit especially dangerous is that users did not need to approve any new transaction for the attack to happen. Existing token approvals alone were enough for attackers to access and transfer assets.

The incident once again highlights one of DeFi’s biggest hidden risks: unlimited token approvals that stay active even after users stop using a protocol.

According to Blockaid, the attacker behind this exploit appears to be linked to the March 2025 1inch Fusion V1 attack.

Nearly $5.9 Million Drained

Further blockchain security firm PeckShield reported that the attacker has already extracted:

• 1,291.16 WETH
• 206,282 USDT
• 16.939 WBTC
• 1,268,771 USDC

The total stolen amount currently stands at approximately $5.87 million.

Researchers identified the affected resolver contract and vulnerable proxy linked to the March 2025 1inch Fusion V1 attack. Security experts also discovered strong similarities between the two incidents while tracing the exploiter wallet connected to the attack.

DeFi Hacks Continue to Rise in 2026

The TrustedVolumes exploit is now reportedly the fifth major DeFi exploit over the last one month alone, extending what is becoming an increasingly dangerous period for decentralized finance platforms.

The overall DeFi market has already witnessed several massive hacks in recent weeks, including:

• A reported $285 million exploit targeting Drift Protocol
• A separate $293 million attack involving Kelp DAO

According to data from DefiLlama, total crypto assets stolen in April 2026 surged to approximately $635.2 million, the highest level since the massive 2025 Bybit exploit where nearly $1.5 billion was drained.

1inch Responds, Denies Protocol Exploit Claims

Following reports linking the attack to 1inch, the protocol released an official statement denying that its own systems or infrastructure were compromised.

In a recent update, 1inch stated:

“We are aware of misleading reports relating to an exploit involving TrustedVolumes. We can confirm that neither 1inch nor any of the 1inch protocols are involved.”

The team further clarified that there was “no impact on 1inch systems, infrastructure or user funds.”

According to the statement, TrustedVolumes operates independently as a liquidity provider and is used by multiple protocols across the DeFi industry, meaning the affected infrastructure was not exclusive to 1inch.